CVE-2026-7088

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=save_receiving triggered by manipulating the ID parameter. The flaw is exploitable remotely and the exploit is publicly available. No remediation details are provided in the documents.

CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

CVE-2026-7087

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=save_sales via manipulation of the ID parameter. The flaw is triggered remotely, allowing an attacker to influence the database query. The exploit is public and may be used for attacks. The descrip...

CVE-2026-7083

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

CVE-2026-7083 likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

CVE-2026-7083

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

CVE-2026-7083 likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

CVE-2026-7083

CVE-2026-7083 affects likeadmin-likeshop likeadmin_php up to 1.9.6. The vulnerability is in the function queryResult of server\app\adminapi\lists\tools\DataTableLists.php within the DataTable Admin API. This manipulation leads to a SQL injection vulnerability that can be exploited remotely. The e...

CVE-2026-7077

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /editparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2026-7074

A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the publi...

CVE-2026-7076

A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /editbranch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed a...

EUVD-2026-25759

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /editparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2026-7077 itsourcecode Courier Management System edit_parcel.php sql injection

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /editparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2026-7077

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /editparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2026-7076

CVE-2026-7076 affects itsourcecode Courier Management System 1.0. The vulnerability is in an unknown function of /edit_branch.php where manipulating the argument ID can cause a SQL injection. It can be exploited remotely, and the exploit is publicly disclosed (exploit maturity: PROOF-OF-CONCEPT)....

EUVD-2026-25754

A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /editbranch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed a...

CVE-2026-7076 itsourcecode Courier Management System edit_branch.php sql injection

A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /editbranch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed a...

CVE-2026-7075 itsourcecode Construction Management System locations.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been mad...

CVE-2026-7075 itsourcecode Construction Management System locations.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been mad...

CVE-2026-7075

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been mad...