SourceCodester — Vulnerabilities & Security Advisories 1806

Browse all 1806 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-10624 | SourceCodester Human Resource Management Employee View detailview.php resource injection — Human Resource Management (CWE-99) | 4.3 | Medium | 2026-06-02 |
| CVE-2026-10559 | SourceCodester Pizzafy Ecommerce System index.php file inclusion — Pizzafy Ecommerce System (CWE-73) | 6.3 | Medium | 2026-06-02 |
| CVE-2026-10558 | SourceCodester Pizzafy Ecommerce System index.php file inclusion — Pizzafy Ecommerce System (CWE-73) | 6.3 | Medium | 2026-06-02 |
| CVE-2026-10295 | SourceCodester Customer Review App review_app.py get_all_reviews denial of service — Customer Review App (CWE-404) | 3.3 | Low | 2026-06-01 |
| CVE-2026-10287 | SourceCodester SEO Meta Tag Extractor index.php get_headers server-side request forgery — SEO Meta Tag Extractor (CWE-918) | 7.3 | High | 2026-06-01 |
| CVE-2026-10263 | SourceCodester Computer Repair Shop Management System manage_product.php sql injection — Computer Repair Shop Management System (CWE-89) | 7.3 | High | 2026-06-01 |
| CVE-2026-10255 | SourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access control — Pharmacy Sales and Inventory System (CWE-284) | 5.3 | Medium | 2026-06-01 |
| CVE-2026-10254 | SourceCodester Pet Grooming Management Software admin file information disclosure — Pet Grooming Management Software (CWE-538) | 5.3 | Medium | 2026-06-01 |
| CVE-2026-10248 | SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection — Pharmacy Sales and Inventory System (CWE-1236) | 4.7 | Medium | 2026-06-01 |
| CVE-2026-10247 | SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting — Pharmacy Sales and Inventory System (CWE-79) | 3.5 | Low | 2026-06-01 |
| CVE-2026-10246 | SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting — Pharmacy Sales and Inventory System (CWE-79) | 3.5 | Low | 2026-06-01 |
| CVE-2026-10245 | SourceCodester Pharmacy Sales and Inventory System main create_supplier cross site scripting — Pharmacy Sales and Inventory System (CWE-79) | 3.5 | Low | 2026-06-01 |
| CVE-2026-10244 | SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting — Pharmacy Sales and Inventory System (CWE-79) | 3.5 | Low | 2026-06-01 |
| CVE-2026-10237 | SourceCodester Water Billing Management System User Management manage_user sql injection — Water Billing Management System (CWE-89) | 4.7 | Medium | 2026-06-01 |
| CVE-2026-10236 | SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization — Water Billing Management System (CWE-285) | 7.3 | High | 2026-06-01 |
| CVE-2026-10185 | SourceCodester Hospitals Patient Records Management System Users.php save sql injection — Hospitals Patient Records Management System (CWE-89) | 7.3 | High | 2026-05-31 |
| CVE-2026-10184 | SourceCodester Hospitals Patient Records Management System Users.php delete sql injection — Hospitals Patient Records Management System (CWE-89) | 7.3 | High | 2026-05-31 |
| CVE-2026-9603 | SourceCodester eDoc Doctor Appointment System delete-session.php authorization — eDoc Doctor Appointment System (CWE-862) | 6.5 | Medium | 2026-05-26 |
| CVE-2026-9583 | SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure — CET Automated Grading System with AI Predictive Analytics (CWE-209) | 4.3 | Medium | 2026-05-26 |
| CVE-2026-9582 | SourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgery — CET Automated Grading System with AI Predictive Analytics (CWE-352) | 4.3 | Medium | 2026-05-26 |
| CVE-2026-9564 | SourceCodester/oretnom23 Hospitals Patient Records Management System view_patient cross site scripting — Hospitals Patient Records Management System (CWE-79) | 2.4 | Low | 2026-05-26 |
| CVE-2026-9486 | SourceCodester Student Grades Management System cross-site request forgery — Student Grades Management System (CWE-352) | 4.3 | Medium | 2026-05-25 |
| CVE-2026-9485 | SourceCodester Student Grades Management System students.php cross site scripting — Student Grades Management System (CWE-79) | 3.5 | Low | 2026-05-25 |
| CVE-2026-9484 | SourceCodester Student Grades Management System classroom.php removeStudentFromClassroom improper authorization — Student Grades Management System (CWE-285) | 6.3 | Medium | 2026-05-25 |
| CVE-2026-9483 | SourceCodester Student Grades Management System grades.php improper authorization — Student Grades Management System (CWE-285) | 6.3 | Medium | 2026-05-25 |
| CVE-2026-9447 | SourceCodester Simple POS and Inventory System search.php sql injection — Simple POS and Inventory System (CWE-89) | 7.3 | High | 2026-05-25 |
| CVE-2026-9446 | SourceCodester Simple POS and Inventory System edit_customer.php sql injection — Simple POS and Inventory System (CWE-89) | 4.7 | Medium | 2026-05-25 |
| CVE-2026-9445 | SourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted upload — Simple POS and Inventory System (CWE-434) | 6.3 | Medium | 2026-05-25 |
| CVE-2026-9444 | SourceCodester Simple POS and Inventory System GET Parameter deleteproduct.php delete sql injection — Simple POS and Inventory System (CWE-89) | 4.7 | Medium | 2026-05-25 |
| CVE-2026-9414 | SourceCodester Indian Invoicing System Invoice Template Render Database-Backed add_order.php cross site scripting — Indian Invoicing System (CWE-79) | 3.5 | Low | 2026-05-25 |

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.