yangfan2

4 exploits Active since Nov 2025
CVE-2025-13263 WRITEUP MEDIUM WRITEUP
Oretnom23 Online Magazine Management System - Injection
A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the file /categories.php. The manipulation of the argument c leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVSS 6.3
CVE-2025-13264 WRITEUP MEDIUM WRITEUP
Oretnom23 Online Magazine Management System - Injection
A security flaw has been discovered in SourceCodester Online Magazine Management System 1.0. This affects an unknown part of the file /view_magazine.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
CVSS 6.3
CVE-2025-13267 WRITEUP MEDIUM WRITEUP
Jkev Dental Clinic Appointment Reservation System - Injection
A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.
CVSS 6.3
CVE-2025-13564 WRITEUP MEDIUM WRITEUP
Kimz190 Pre-school Management System - Improper Resource Release
A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controllers/FilehelperController.php. Performing manipulation of the argument filepath results in denial of service. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
CVSS 5.4