Lucene search
K

131 matches found

Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00205EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00205EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.0021EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.9 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter limit...

6.1CVSS5.6AI score0.0021EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/30 12:0 a.m.4 views

EUVD-2026-17103

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00205EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.3 views

PT-2026-29033

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script ...

6.1CVSS6AI score0.0021EPSS
Exploits1References2
CVE
CVE
added 2026/03/30 12:0 a.m.8 views

CVE-2026-30565

CVE-2026-30565 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is a reflected Cross-Site Scripting (XSS) in the file view_supplier.php via the limit parameter, where user input is not sanitized. Attack requires a crafted URL and could allow remote attackers to inject arbi...

6.1CVSS6AI score0.0021EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.3 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6.1CVSS6AI score0.0021EPSS
Exploits1References2
CVE
CVE
added 2026/03/30 12:0 a.m.9 views

CVE-2026-30566

CVE-2026-30566 is a reflected XSS in SourceCodester Sales and Inventory System 1.0, caused by failure to sanitize the limit parameter in view_customers.php. This allows remote attackers to inject arbitrary script/HTML via a crafted URL. Affected component: view_customers.php (limit parameter); im...

6.1CVSS6AI score0.0021EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.3 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6AI score0.0021EPSS
Exploits1References1
CVE
CVE
added 2026/03/30 12:0 a.m.9 views

CVE-2026-30564

SourceCodester Sales and Inventory System 1.0 contains a reflected XSS in view_payments.php via the limit parameter due to improper input sanitization. A crafted URL can inject arbitrary script/HTML, as described across multiple sources (CVE-2026-30564). The reports do not provide exploitation st...

6.1CVSS6AI score0.00205EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00271EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.6 views

CVE-2026-30571

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.5 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30570

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30569

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16730

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16728

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00271EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16702

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16700

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00266EPSS
Exploits1References2
Rows per page
Query Builder