Lucene search
K

920 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from operations in the file header.php, which may lead to cross-site scripting...

5.1CVSS4.5AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

SourceCodester Inventory System 安全漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System contains a security vulnerability. This vulnerability stems from the operation of the ROLE parameter in the Account Creation Handler component...

6.5CVSS6.4AI score0.00261EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47294

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description A weakness in the header.php file allows for remote cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites. This issue involves unknown...

5.1CVSS5.1AI score0.00248EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47293

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description An improper authorization issue exists in the Account Creation Handler component within the file '/Product Inventory/api/users handler.php'. A remote attacker can manipulate the ROLE...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.12 views

CVE-2026-7392

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function deletesupplier of the file /ajax.php?action=deletesupplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.16 views

CVE-2026-7391

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function savesupplier of the file /ajax.php?action=savesupplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7281

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS3.6AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.12 views

CVE-2026-10248

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

5.8CVSS5.2AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7088

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7128

A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.11 views

CVE-2026-7070

A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2026-10245

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 10:15 a.m.15 views

EUVD-2026-33623

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

5.8CVSS5.5AI score0.00248EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 9:30 a.m.41 views

CVE-2026-10245 SourceCodester Pharmacy Sales and Inventory System main create_supplier cross site scripting

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

5.1CVSS0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 9:30 a.m.10 views

CVE-2026-10245 SourceCodester Pharmacy Sales and Inventory System main create_supplier cross site scripting

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 9:30 a.m.20 views

CVE-2026-10245

Technical details about CVE-2026-10245 are not provided in the connected documents. The Initial Description includes exploit info, but no additional technical specifics beyond what is stated. Monitor for updates.

5.1CVSS4.2AI score0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 9:15 a.m.11 views

CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...

5.1CVSS4.3AI score0.00203EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

SourceCodester Pharmacy Sales and Inventory System 代码注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability arises from improper...

5.1CVSS4.6AI score0.00199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45393

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function create generic name of the file /ShowForm/create generic name/main. The manipulation of the argument generic name results in cross site scripting. The attack may be launche...

5.1CVSS4.3AI score0.00199EPSS
Exploits0References7
NVD
NVD
added 2026/05/31 8:16 a.m.12 views

CVE-2026-10172

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS0.00206EPSS
Exploits0References5
Rows per page
Query Builder