Vulnerabilities in SourceCodester

1,832 results
Vexday analysis

Com 1.829 CVEs catalogadas e 132 surgidas apenas nos últimos 90 dias, o volume de vulnerabilidades associadas ao SourceCodester reflete um ritmo elevado de descobertas recentes que exige atenção contínua. A taxa de exploração ativa está abaixo da média geral do catálogo, sem registros no CISA KEV, o que pode indicar menor visibilidade dos ativos em ambientes críticos, mas não reduz o risco potencial dado que 143 falhas já possuem PoC pública disponível. O tipo de falha mais comum é CWE-89 (SQL Injection), uma classe de vulnerabilidade com longa tradição de abuso e baixo custo de exploração. A CVE mais perigosa identificada atualmente é CVE-2022-4855, com score EPSS de 0,2646, sugerindo probabilidade não negligenciável de exploração e recomendando priorização imediata em processos de remediação.

CVE-2023-4219HIGHSourceCodester Doctors Appointment System login.php sql injectionEPSS 0.7%CVE-2024-2577HIGHSourceCodester Employee Task Management System update-employee.php authorizationEPSS 0.7%CVE-2024-2575HIGHSourceCodester Employee Task Management System task-details.php authorizationEPSS 0.7%CVE-2024-3221MEDIUMSourceCodester PHP Task Management System attendance-info.php sql injectionEPSS 0.7%CVE-2024-3223MEDIUMSourceCodester PHP Task Management System admin-manage-user.php sql injectionEPSS 0.7%CVE-2024-3222MEDIUMSourceCodester PHP Task Management System admin-password-change.php sql injectionEPSS 0.7%CVE-2024-6280MEDIUMSourceCodester Simple Online Bidding System unrestricted uploadEPSS 0.7%CVE-2025-4912MEDIUMSourceCodester Student Result Management System Image File update_student.php path traversalEPSS 0.7%CVE-2024-7748MEDIUMSourceCodester Accounts Manager App delete-account.php sql injectionEPSS 0.7%CVE-2023-5587MEDIUMSourceCodester Free Hospital Management System for Small Practices Parameter doctors.php sql injectionEPSS 0.7%CVE-2022-4222MEDIUMSourceCodester Canteen Management System POST Request ajax_invoice.php query sql injectionEPSS 0.7%CVE-2024-7797MEDIUMSourceCodester Simple Online Bidding System ajax.php sql injectionEPSS 0.7%CVE-2023-2667LOWSourceCodester Lost and Found Information System cross site scriptingEPSS 0.7%CVE-2024-2153MEDIUMSourceCodester Online Mobile Management Store view_order.php sql injectionEPSS 0.7%CVE-2023-2217MEDIUMSourceCodester Task Reminder System manage_reminder.php sql injectionEPSS 0.7%CVE-2023-2218MEDIUMSourceCodester Task Reminder System manage_user.php sql injectionEPSS 0.7%CVE-2024-2077MEDIUMSourceCodester Simple Online Bidding System index.php sql injectionEPSS 0.7%CVE-2023-0906HIGHSourceCodester Online Pizza Ordering System POST Parameter ajax.php delete_category missing authenticationEPSS 0.7%CVE-2022-1080HIGHSourceCodester One Church Management System attendancy.php sql injectionEPSS 0.7%CVE-2022-1102MEDIUMSourceCodester Royale Event Management System companyprofile.php cross site scriptingEPSS 0.7%