Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

SourceCodester — Vulnerabilities & Security Advisories 1828

Browse all 1828 CVE security advisories affecting SourceCodester. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SourceCodester operates as a repository for free and premium source code, scripts, and web applications, primarily serving developers seeking ready-made solutions for rapid deployment. This business model inherently exposes users to significant security risks, as the platform hosts thousands of projects with varying levels of code review. Historically, vulnerabilities found in these downloads frequently include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from outdated frameworks or unpatched dependencies. Privilege escalation flaws are also common, allowing attackers to bypass authentication mechanisms. While SourceCodester does not typically manage post-download security patches, the sheer volume of recorded CVEs highlights systemic issues in code quality assurance. Users relying on these resources must perform rigorous independent security audits, as the platform’s primary focus remains distribution rather than comprehensive vulnerability management or remediation support.

Top products by SourceCodester: Best Salon Management System Pharmacy Sales and Inventory System Online Computer and Laptop Store Online Eyewear Shop Best House Rental Management System Pet Grooming Management Software Pizzafy Ecommerce System Online Tours & Travels Management System Kortex Lite Advocate Office Management System Sales and Inventory System Web-based Pharmacy Product Management System Record Management System Prison Management System Clinics Patient Management System Lost and Found Information System Employee Management System Engineers Online Portal Student Result Management System Employee Task Management System Simple Online Bidding System Inventory Management System Online Graduate Tracer System AC Repair and Services System Food Ordering Management System Computer Laboratory Management System Hotel and Lodge Management System Gym Management System Canteen Management System Online Courseware Human Resource Management System
CVE IDTitleCVSSSeverityPublished
CVE-2026-10248 SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection — Pharmacy Sales and Inventory SystemCWE-1236 4.7 Medium2026-06-01
CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting — Pharmacy Sales and Inventory SystemCWE-79 3.5 Low2026-06-01
CVE-2026-10246 SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting — Pharmacy Sales and Inventory SystemCWE-79 3.5 Low2026-06-01
CVE-2026-10245 SourceCodester Pharmacy Sales and Inventory System main create_supplier cross site scripting — Pharmacy Sales and Inventory SystemCWE-79 3.5 Low2026-06-01
CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting — Pharmacy Sales and Inventory SystemCWE-79 3.5 Low2026-06-01
CVE-2026-10237 SourceCodester Water Billing Management System User Management manage_user sql injection — Water Billing Management SystemCWE-89 4.7 Medium2026-06-01
CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization — Water Billing Management SystemCWE-285 7.3 High2026-06-01
CVE-2026-10185 SourceCodester Hospitals Patient Records Management System Users.php save sql injection — Hospitals Patient Records Management SystemCWE-89 7.3 High2026-05-31
CVE-2026-10184 SourceCodester Hospitals Patient Records Management System Users.php delete sql injection — Hospitals Patient Records Management SystemCWE-89 7.3 High2026-05-31
CVE-2026-9603 SourceCodester eDoc Doctor Appointment System delete-session.php authorization — eDoc Doctor Appointment SystemCWE-862 6.5 Medium2026-05-26
CVE-2026-9583 SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure — CET Automated Grading System with AI Predictive AnalyticsCWE-209 4.3 Medium2026-05-26
CVE-2026-9582 SourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgery — CET Automated Grading System with AI Predictive AnalyticsCWE-352 4.3 Medium2026-05-26
CVE-2026-9564 SourceCodester/oretnom23 Hospitals Patient Records Management System view_patient cross site scripting — Hospitals Patient Records Management SystemCWE-79 2.4 Low2026-05-26
CVE-2026-9486 SourceCodester Student Grades Management System cross-site request forgery — Student Grades Management SystemCWE-352 4.3 Medium2026-05-25
CVE-2026-9485 SourceCodester Student Grades Management System students.php cross site scripting — Student Grades Management SystemCWE-79 3.5 Low2026-05-25
CVE-2026-9484 SourceCodester Student Grades Management System classroom.php removeStudentFromClassroom improper authorization — Student Grades Management SystemCWE-285 6.3 Medium2026-05-25
CVE-2026-9483 SourceCodester Student Grades Management System grades.php improper authorization — Student Grades Management SystemCWE-285 6.3 Medium2026-05-25
CVE-2026-9447 SourceCodester Simple POS and Inventory System search.php sql injection — Simple POS and Inventory SystemCWE-89 7.3 High2026-05-25
CVE-2026-9446 SourceCodester Simple POS and Inventory System edit_customer.php sql injection — Simple POS and Inventory SystemCWE-89 4.7 Medium2026-05-25
CVE-2026-9445 SourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted upload — Simple POS and Inventory SystemCWE-434 6.3 Medium2026-05-25
CVE-2026-9444 SourceCodester Simple POS and Inventory System GET Parameter deleteproduct.php delete sql injection — Simple POS and Inventory SystemCWE-89 4.7 Medium2026-05-25
CVE-2026-9414 SourceCodester Indian Invoicing System Invoice Template Render Database-Backed add_order.php cross site scripting — Indian Invoicing SystemCWE-79 3.5 Low2026-05-25
CVE-2026-9413 SourceCodester Indian Invoicing System category.php cross site scripting — Indian Invoicing SystemCWE-79 4.3 Medium2026-05-25
CVE-2026-9412 SourceCodester Indian Invoicing System Backend Endpoint access control — Indian Invoicing SystemCWE-284 6.3 Medium2026-05-25
CVE-2026-9411 SourceCodester Indian Invoicing System Invoice Generation IGST_Invoice.php sql injection — Indian Invoicing SystemCWE-89 6.3 Medium2026-05-25
CVE-2026-9377 SourceCodester SUP Online Shopping productedit.php cross site scripting — SUP Online ShoppingCWE-79 2.4 Low2026-05-24
CVE-2026-9356 SourceCodester Hospitals Patient Records Management System manage_history.php sql injection — Hospitals Patient Records Management SystemCWE-89 7.3 High2026-05-24
CVE-2026-9355 SourceCodester Hospitals Patient Records Management System Master.php save_patient_history sql injection — Hospitals Patient Records Management SystemCWE-89 7.3 High2026-05-24
CVE-2026-9342 SourceCodester Hospitals Patient Records Management System view_history.php sql injection — Hospitals Patient Records Management SystemCWE-89 6.3 Medium2026-05-23
CVE-2026-8136 SourceCodester Pharmacy Sales and Inventory System index.php users cross site scripting — Pharmacy Sales and Inventory SystemCWE-79 2.4 Low2026-05-08

This page lists every published CVE security advisory associated with SourceCodester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.