Lucene search
K

50 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7281

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS3.6AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10248

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

5.8CVSS5.2AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.9 views

CVE-2026-8136

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...

4.8CVSS3.6AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.6 views

CVE-2026-7550

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7128

A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.8 views

CVE-2026-10255

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sellstatement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The...

6.9CVSS5.5AI score0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 10:0 a.m.10 views

CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS4.3AI score0.00199EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 9:15 a.m.31 views

CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...

5.1CVSS0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 9:15 a.m.11 views

CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...

5.1CVSS4.3AI score0.00203EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45392

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create medicine presentation of the file /ShowForm/create medicine presentation/main. The manipulation of the argument medicine presentation leads to cross site scripting. The attac...

5.1CVSS4.1AI score0.00199EPSS
Exploits0References7
NVD
NVD
added 2026/05/07 7:16 p.m.10 views

CVE-2026-8083

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...

7.5CVSS0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/07 6:15 p.m.7 views

CVE-2026-8083 SourceCodester Pharmacy Sales and Inventory System ajax.php save_user sql injection

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/01 3:45 a.m.5 views

CVE-2026-7550 SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/01 3:30 a.m.5 views

EUVD-2026-26475

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS5.3AI score0.00274EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/01 3:30 a.m.32 views

CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00274EPSS
Exploits0References5
NVD
NVD
added 2026/04/29 5:16 p.m.4 views

CVE-2026-7391

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function savesupplier of the file /ajax.php?action=savesupplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/29 4:45 p.m.5 views

EUVD-2026-26264

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function deletesupplier of the file /ajax.php?action=deletesupplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
NVD
NVD
added 2026/04/29 4:16 p.m.10 views

CVE-2026-7390

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

5.1CVSS0.00195EPSS
Exploits0References5
CVE
CVE
added 2026/04/29 4:15 p.m.11 views

CVE-2026-7391

CVE-2026-7391 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function save_supplier in /ajax.php?action=save_supplier, where manipulation of the ID parameter enables SQL injection. This allows remote exploitation, and a public exploit has been publis...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/29 3:45 p.m.8 views

CVE-2026-7390

The CVE affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in the Customer function of /index.php?page=customer, where manipulating the Name parameter yields cross-site scripting (XSS). Attack surface is remote with a public exploit. No remediation details a...

5.1CVSS3.7AI score0.00195EPSS
Exploits0References5
Rows per page
Query Builder