Vulnerabilities (CVE)

Filtered by vendor Sourcecodester Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41728 1 Sourcecodester 1 News247 Cms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles.
CVE-2020-24932 1 Sourcecodester 1 Complaint Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php.
CVE-2019-18417 1 Sourcecodester 1 Restaurant Management System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files.
CVE-2019-18414 1 Sourcecodester 1 Restaurant Management System 2024-11-21 6.8 MEDIUM 8.8 HIGH
Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page.