← Back

Donbermoy

donbermoy

15 CVEs • 10 products

Products (10)

Click to collapse
Toggle
Advanced Web Store
advanced_web_store
3 CVEs
Advanced School Management System
advanced_school_management_system
3 CVEs
Complete E Commerce Site
complete_e-commerce_site
2 CVEs
Online Chatting System
online_chatting_system
1 CVE
Pisay Online E Learning System
pisay_online_e-learning_system
1 CVE
Online Art Gallery Management System
online_art_gallery_management_system
1 CVE
E Commerce Website
e-commerce_website
1 CVE
Online College Library System
online_college_library_system
1 CVE
Online Farm Management System
online_farm_management_system
1 CVE
Android Corona Virus Tracker App For India
android_corona_virus_tracker_app_for_india
1 CVE

CVEs (15)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-56608
1Donbermoy
1Android Corona Virus Tracker App For India
Sep 8, 2025
Sep 3, 2025
N/A· v4
4.2 MEDIUM· v3
N/A· v2
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. The `handleDigest()` function employs `MessageDigest.getInstance("MD5")` to ha...Show more
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. The `handleDigest()` function employs `MessageDigest.getInstance("MD5")` to hash credentials. MD5 is a broken cryptographic algorithm known to allow hash collisions. This makes the authentication mechanism vulnerable to replay, spoofing, or brute-force attacks, potentially leading to unauthorized access. The vulnerability corresponds to CWE-327 and aligns with OWASP M5: Insufficient Cryptography and MASVS MSTG-CRYPTO-4.Show less
CVE-2025-9833
1Donbermoy
1Online Farm Management System
Apr 29, 2026
Sep 2, 2025
5.5 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname res...Show more
A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.Show less
CVE-2025-9690
1Donbermoy
1Advanced School Management System
Apr 29, 2026
Aug 30, 2025
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A flaw has been found in SourceCodester Advanced School Management System 1.0. This affects an unknown function of the file /index.php/stock/vendordetails. This manipulation of the argument ID causes sql injection. The a...Show more
A flaw has been found in SourceCodester Advanced School Management System 1.0. This affects an unknown function of the file /index.php/stock/vendordetails. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.Show less
CVE-2025-9689
1Donbermoy
1Advanced School Management System
Apr 29, 2026
Aug 30, 2025
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/item_select. The manipulation of the argument q results in sq...Show more
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/item_select. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.Show less
CVE-2025-9306
1Donbermoy
1Advanced School Management System
Apr 29, 2026
Aug 21, 2025
2.0 LOW· v4
5.4 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject re...Show more
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.Show less
CVE-2025-4504
1Donbermoy
1Online College Library System
May 16, 2025
May 10, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability was found in SourceCodester Online College Library System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument Category leads t...Show more
A vulnerability was found in SourceCodester Online College Library System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4314
1Donbermoy
1Advanced Web Store
May 14, 2025
May 6, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argumen...Show more
A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4313
1Donbermoy
1Advanced Web Store
May 14, 2025
May 6, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/admin_addnew_product.php. The manipulation of the argument txtProd...Show more
A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/admin_addnew_product.php. The manipulation of the argument txtProdId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4312
1Donbermoy
1Advanced Web Store
May 14, 2025
May 6, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability, which was classified as critical, has been found in SourceCodester Advanced Web Store 1.0. This issue affects some unknown processing of the file /productdetail.php. The manipulation of the argument prod...Show more
A vulnerability, which was classified as critical, has been found in SourceCodester Advanced Web Store 1.0. This issue affects some unknown processing of the file /productdetail.php. The manipulation of the argument prodid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-8217
1Donbermoy
1E Commerce Website
Aug 29, 2024
Aug 27, 2024
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file /Admin/registration.php. The manipulation of the argument fname lead...Show more
A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-4946
1Donbermoy
1Online Art Gallery Management System
Feb 10, 2025
May 16, 2024
5.3 MEDIUM· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The mani...Show more
A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The manipulation of the argument sliderpic leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264481 was assigned to this vulnerability.Show less
CVE-2024-4349
1Donbermoy
1Pisay Online E Learning System
Sep 26, 2025
Apr 30, 2024
N/A· v4
7.3 HIGH· v3
7.5 HIGH· v2
A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulat...Show more
A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262489 was assigned to this vulnerability.Show less
CVE-2024-30849
1Donbermoy
1Complete E Commerce Site
May 5, 2025
Apr 5, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php.
CVE-2024-2932
1Donbermoy
1Online Chatting System
Feb 18, 2025
Mar 27, 2024
N/A· v4
7.5 HIGH· v3
6.5 MEDIUM· v2
A vulnerability classified as critical has been found in SourceCodester Online Chatting System 1.0. Affected is an unknown function of the file admin/update_room.php. The manipulation of the argument id leads to sql inje...Show more
A vulnerability classified as critical has been found in SourceCodester Online Chatting System 1.0. Affected is an unknown function of the file admin/update_room.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258012.Show less
CVE-2024-2754
1Donbermoy
1Complete E Commerce Site
Feb 18, 2025
Mar 21, 2024
N/A· v4
8.8 HIGH· v3
5.8 MEDIUM· v2
A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to un...Show more
A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257544.Show less