PT-2026-43031

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed ...

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

PT-2026-28411

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the view sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

PT-2025-47104

Name of the Vulnerable Software and Affected Versions itsourcecode Inventory Management System version 1.0 Description A security issue has been identified in itsourcecode Inventory Management System version 1.0. The issue involves a SQL injection vulnerability present in an unknown function with...

CVE-2025-0201

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/updateaccount.php. The manipulation of the argument username leads to sql injection. The attack may be...

CVE-2024-5099

A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2024-5099

CVE-2024-5099 concerns SourceCodester Simple Inventory System 1.0. The vulnerability resides in the file updateprice.php , where manipulating the argument ITEM results in an SQL injection. The issue is exploitable remotely, and public exploit information has been disclosed. Several connected sour...

CVE-2024-2067

SourceCodester Computer Inventory System 1.0 has a SQL injection vulnerability in /endpoint/delete-computer.php triggered by manipulating the computer parameter. The flaw is exploitable remotely and is considered critical by CVE-2024-2067; multiple sources report the exploit publicly. No official...

Sql injection

A vulnerability classified as critical has been found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file custtransac.php. The manipulation of the argument phonenumber leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2021-29387

Multiple stored cross-site scripting XSS vulnerabilities in Sourcecodester Equipment Inventory System 1.0 allow remote attackers to inject arbitrary javascript via any "Add" sections, such as Add Item , Employee and Position or others in the Name Parameters...