50 matches found
CVE-2026-7281
A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...
CVE-2026-10248
A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...
CVE-2026-8136
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...
CVE-2026-7550
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-7128
A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...
CVE-2026-10255
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sellstatement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The...
CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...
CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10244 SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
PT-2026-45392
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create medicine presentation of the file /ShowForm/create medicine presentation/main. The manipulation of the argument medicine presentation leads to cross site scripting. The attac...
CVE-2026-8083
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...
CVE-2026-8083 SourceCodester Pharmacy Sales and Inventory System ajax.php save_user sql injection
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...
CVE-2026-7550 SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2026-26475
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7391
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function savesupplier of the file /ajax.php?action=savesupplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publish...
EUVD-2026-26264
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function deletesupplier of the file /ajax.php?action=deletesupplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...
CVE-2026-7390
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...
CVE-2026-7391
CVE-2026-7391 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function save_supplier in /ajax.php?action=save_supplier, where manipulation of the ID parameter enables SQL injection. This allows remote exploitation, and a public exploit has been publis...
CVE-2026-7390
The CVE affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in the Customer function of /index.php?page=customer, where manipulating the Name parameter yields cross-site scripting (XSS). Attack surface is remote with a public exploit. No remediation details a...