CVE-2026-7087

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=savesales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-7087 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=savesales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-6188

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...

CVE-2026-2852 yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...

CVE-2026-2852

The CVE-2026-2852 issue affects yeqifu warehouse’s Sales Endpoint, specifically the SalesController.java functions addSales/updateSales/deleteSales in the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java. The vulnerability is caused by improper access cont...

CVE-2026-2852 yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the addSales, updateSales, and deleteSales...

PT-2026-21286

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file datasetreposwarehousesrcmainjavacomyeqifubuscontrollerSalesController.java of the component Sales Endpoint. The...

CVE-2025-10031

A security vulnerability has been detected in Campcodes Grocery Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

PT-2025-6729 · Unknown · Perfex Crm

Name of the Vulnerable Software and Affected Versions: Perfex Crm versions prior to 3.2.1 Description: The issue allows an authenticated attacker to send a crafted HTTP POST request to the "upload sales file" endpoint. By providing malicious input in the rel id parameter, combined with improper...