Vulnerabilities in SourceCodester

1,844 results
Vexday analysis

With 1,829 catalogued CVEs, 132 of which appeared in the last 90 days alone, the volume of vulnerabilities associated with SourceCodester reflects a high pace of recent discoveries that calls for continuous attention. The rate of active exploitation is below the overall catalogue average, with no entries in CISA KEV, which may indicate lower visibility of these assets in critical environments, but this does not reduce the potential risk, given that 143 flaws already have a public PoC available. The most common flaw type is CWE-89 (SQL Injection), a vulnerability class with a long history of abuse and a low cost of exploitation. The most dangerous CVE currently identified is CVE-2022-4855, with an EPSS score of 0.2646, suggesting a non-negligible probability of exploitation and recommending immediate prioritization in remediation processes.

CVE-2023-4438 | MEDIUM | SourceCodester Inventory Management System search_sales_report.php sql injection | EPSS 0.6%
CVE-2023-4442 | MEDIUM | SourceCodester Free Hospital Management System for Small Practices booking-complete.php sql injection | EPSS 0.6%
CVE-2023-4444 | MEDIUM | SourceCodester Free Hospital Management System for Small Practices edit-user.php sql injection | EPSS 0.6%
CVE-2023-4437 | MEDIUM | SourceCodester Inventory Management System search_sell_paymen_report.php sql injection | EPSS 0.6%
CVE-2023-4443 | MEDIUM | SourceCodester Free Hospital Management System for Small Practices edit-doc.php sql injection | EPSS 0.6%
CVE-2024-4931 | MEDIUM | SourceCodester Simple Online Bidding System sql injection | EPSS 0.6%
CVE-2024-9328 | MEDIUM | SourceCodester Advocate Office Management System edit_client.php sql injection | EPSS 0.6%
CVE-2023-0530 | MEDIUM | SourceCodester Online Tours & Travels Management System approve_user.php sql injection | EPSS 0.6%
CVE-2024-7222 | MEDIUM | SourceCodester Lot Reservation Management System home.php sql injection | EPSS 0.6%
CVE-2024-9321 | MEDIUM | SourceCodester Online Railway Reservation System view_details.php access control | EPSS 0.6%
CVE-2024-1197 | HIGH | SourceCodester Testimonial Page Manager HTTP GET Request delete-testimonial.php sql injection | EPSS 0.6%
CVE-2024-2059 | MEDIUM | SourceCodester Petrol Pump Management Software service_crud.php unrestricted upload | EPSS 0.6%
CVE-2023-3599 | MEDIUM | SourceCodester Best Fee Management System Add User admin_class.php save_user access control | EPSS 0.6%
CVE-2023-2678 | LOW | SourceCodester File Tracker Manager System POST Parameter save_user.php cross site scripting | EPSS 0.6%
CVE-2023-1179 | LOW | SourceCodester Computer Parts Sales and Inventory System Add Supplier cross site scripting | EPSS 0.6%
CVE-2024-7851 | MEDIUM | SourceCodester Yoga Class Registration System Add User Users.php improper authorization | EPSS 0.6%
CVE-2023-1432 | HIGH | SourceCodester Online Food Ordering System POST Request access control | EPSS 0.6%
CVE-2024-0351 | LOW | SourceCodester Engineers Online Portal session fixiation | EPSS 0.6%
CVE-2023-2814 | LOW | SourceCodester Class Scheduling System POST Parameter save_teacher.php cross site scripting | EPSS 0.6%
CVE-2024-8223 | MEDIUM | SourceCodester Music Gallery Site Master.php sql injection | EPSS 0.6%