CVE-2026-7194

Affected software: SourceCodester Pharmacy Sales and Inventory System 1.0. Vulnerability location: the file /ajax.php?action=save_product. Vulnerability type / root cause: manipulation of the argument ID leads to a SQL injection vulnerability. Impact / exploitation: attack can be carried out remo...

CVE-2026-7129

CVE-2026-7129 applies to SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is an unspecified function in the file /index.php?page=categories where manipulating the argument ID triggers a cross-site scripting (XSS) flaw. It can be exploited remotely, and public exploits exi...

CVE-2026-26707

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewsupplier.php...

EUVD-2026-9205

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manageuser.php...

The vulnerability of the catID parameter in the Pharmacy Medical Store And Sale Point medical software, related to the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL commands and gain access to confidential data.

The vulnerability of the catID parameter in the medical software Pharmacy Medical Store And Sale Point is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL commands and gain access to confidential da...

CVE-2020-24862

The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases...