Lucene search
K

354 matches found

NVD
NVD
added 2026/06/01 11:16 a.m.16 views

CVE-2026-10247

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS0.00199EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/29 3:45 p.m.7 views

EUVD-2026-26253

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

5.1CVSS3.6AI score0.00195EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 2:16 p.m.5 views

CVE-2026-7281

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/04/08 10:0 p.m.9 views

CVE-2026-5810

Summary (CVE-2026-5810): A flaw in SourceCodester Sales and Inventory System 1.0 affects an unknown function in /delete.php that handles the GET parameter ID. Manipulating this argument leads to cross-site scripting (XSS). Remote exploitation is possible, and the exploit has been published. CVSS ...

5.1CVSS4.7AI score0.0024EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.5 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.0021EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.6 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6.1CVSS6AI score0.00252EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.5 views

CVE-2026-30559

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00266EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.5 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6.1CVSS6AI score0.00174EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.6 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00205EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.4 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00252EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/30 6:31 p.m.4 views

EUVD-2026-17101

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

9.3CVSS6AI score0.00321EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/30 6:31 p.m.5 views

EUVD-2026-17099

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/30 6:31 p.m.5 views

EUVD-2026-17097

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcustomer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/30 6:31 p.m.7 views

EUVD-2026-17100

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
NVD
NVD
added 2026/03/30 4:16 p.m.8 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6.1CVSS0.00252EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/30 3:32 p.m.6 views

EUVD-2026-17104

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.0021EPSS
Exploits1References2
NVD
NVD
added 2026/03/30 3:16 p.m.4 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6.1CVSS0.00174EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter websi...

6.1CVSS5.6AI score0.00174EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.18 views

CVE-2026-30561

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

0.00252EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.22 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

0.0021EPSS
Exploits1References1
Rows per page
Query Builder