Vulnerabilities in SourceCodester

1,839 results
Vexday analysis

With 1,829 CVEs catalogued and 132 appearing in the last 90 days alone, the volume of vulnerabilities associated with SourceCodester reflects a high rate of recent discoveries that calls for continuous attention. The active exploitation rate is below the overall catalogue average, with no entries in CISA KEV, which may indicate lower visibility of these assets in critical environments, but does not reduce the potential risk given that 143 flaws already have a public PoC available. The most common flaw type is CWE-89 (SQL Injection), a vulnerability class with a long history of abuse and a low cost of exploitation. The most dangerous CVE currently identified is CVE-2022-4855, with an EPSS score of 0.2646, suggesting a non-negligible probability of exploitation and recommending immediate prioritization in remediation processes.

CVE-2024-2058 | MEDIUM | SourceCodester Petrol Pump Management Software product.php unrestricted upload | EPSS 0.6%
CVE-2024-5895 | MEDIUM | SourceCodester Employee and Visitor Gate Pass Logging System delete_users sql injection | EPSS 0.6%
CVE-2023-3143 | LOW | SourceCodester Online Discussion Forum Site manage_post.php cross site scripting | EPSS 0.6%
CVE-2023-6313 | LOW | SourceCodester URL Shortener Long URL cross site scripting | EPSS 0.6%
CVE-2023-1857 | LOW | SourceCodester Online Computer and Laptop Store cross site scripting | EPSS 0.6%
CVE-2023-1360 | MEDIUM | SourceCodester Employee Payslip Generator with Sending Mail New User Creation sql injection | EPSS 0.6%
CVE-2023-6440 | LOW | SourceCodester Book Borrower System add-book.php cross site scripting | EPSS 0.6%
CVE-2025-1598 | MEDIUM | SourceCodester Best Church Management Software asset_crud.php unrestricted upload | EPSS 0.6%
CVE-2023-2372 | LOW | SourceCodester Online DJ Management System cross site scripting | EPSS 0.6%
CVE-2024-3427 | LOW | SourceCodester Online Courseware addq.php cross site scripting | EPSS 0.6%
CVE-2024-3042 | MEDIUM | SourceCodester Simple Subscription Website manage_user.php sql injection | EPSS 0.6%
CVE-2024-7811 | MEDIUM | SourceCodester Daily Expenses Monitoring App delete-expense.php sql injection | EPSS 0.6%
CVE-2023-6896 | LOW | SourceCodester Simple Image Stack Website cross site scripting | EPSS 0.6%
CVE-2023-1503 | MEDIUM | SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection | EPSS 0.6%
CVE-2024-5123 | MEDIUM | SourceCodester Event Registration System cross site scripting | EPSS 0.6%
CVE-2023-0570 | MEDIUM | SourceCodester Online Tours & Travels Management System payment_operation.php sql injection | EPSS 0.6%
CVE-2023-1502 | MEDIUM | SourceCodester Alphaware Simple E-Commerce System edit_customer.php sql injection | EPSS 0.6%
CVE-2024-2555 | MEDIUM | SourceCodester Employee Task Management System update-admin.php sql injection | EPSS 0.6%
CVE-2023-6301 | LOW | SourceCodester Best Courier Management System GET Parameter parcel_list.php cross site scripting | EPSS 0.6%
CVE-2023-6300 | LOW | SourceCodester Best Courier Management System cross site scripting | EPSS 0.6%