sourcecodester CVE Vulnerabilities & Metrics

Focus on sourcecodester vulnerabilities and metrics.

Last updated: 27 Apr 2025, 22:25 UTC

About sourcecodester Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with sourcecodester. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total sourcecodester CVEs: 9
Earliest CVE date: 24 Oct 2019, 18:15 UTC
Latest CVE date: 14 May 2024, 15:38 UTC

Latest CVE reference: CVE-2024-34231

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 5

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical sourcecodester CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.79

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	5
4.0-6.9	3
7.0-8.9	1
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS sourcecodester CVEs

These are the five CVEs with the highest CVSS scores for sourcecodester, sorted by severity first and recency.

CVE-2020-24932 sourcecodester Published on 27 Oct 2021, 14:15 UTC (CVSS: 7.5)
An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php.
CVE-2019-18414 sourcecodester Published on 24 Oct 2019, 18:15 UTC (CVSS: 6.8)
Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page.
CVE-2019-18417 sourcecodester Published on 24 Oct 2019, 18:15 UTC (CVSS: 6.5)
Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files.
CVE-2021-41728 sourcecodester Published on 28 Oct 2021, 15:15 UTC (CVSS: 4.3)
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles.
CVE-2024-34231 sourcecodester Published on 14 May 2024, 15:38 UTC (CVSS: 0)
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter.

All CVEs for sourcecodester

CVE-2024-34231 sourcecodester vulnerability CVSS: 0 14 May 2024, 15:38 UTC

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter.

CVE-2024-34230 sourcecodester vulnerability CVSS: 0 14 May 2024, 15:38 UTC

CVE-2024-33305 sourcecodester vulnerability CVSS: 0 02 May 2024, 14:15 UTC

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User.

CVE-2024-33307 sourcecodester vulnerability CVSS: 0 01 May 2024, 20:15 UTC

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.

CVE-2024-33306 sourcecodester vulnerability CVSS: 0 01 May 2024, 20:15 UTC

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User.

CVE-2021-41728 sourcecodester vulnerability CVSS: 4.3 28 Oct 2021, 15:15 UTC

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles.

CVE-2020-24932 sourcecodester vulnerability CVSS: 7.5 27 Oct 2021, 14:15 UTC

An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php.

CVE-2019-18417 sourcecodester vulnerability CVSS: 6.5 24 Oct 2019, 18:15 UTC

Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files.

CVE-2019-18414 sourcecodester vulnerability CVSS: 6.8 24 Oct 2019, 18:15 UTC

Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a crafted HTML page.