18 matches found
CVE-2026-5810 SourceCodester Sales and Inventory System GET Parameter delete.php cross site scripting
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5810
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-30562
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...
CVE-2026-30562
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...
CVE-2026-30561
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...
CVE-2026-30562
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...
CVE-2026-4826
The CVE-2026-4826 entry concerns SourceCodester Sales and Inventory System 1.0. The vulnerability is in the /update_stock.php file (HTTP GET Parameter Handler) where manipulation of the sid parameter leads to SQL injection. Remote exploitation is possible and the exploit has been publicly disclos...
CVE-2026-4825
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...
SourceCodester Sales and Inventory System SQL注入漏洞
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the sid...
CVE-2026-4572 SourceCodester Sales and Inventory System HTTP POST Request view_product.php sql injection
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...
CVE-2026-4569
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /viewcategory.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is...
CVE-2026-4568 SourceCodester Sales and Inventory System HTTP GET Request update_supplier.php sql injection
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...
CVE-2026-4568 SourceCodester Sales and Inventory System HTTP GET Request update_supplier.php sql injection
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...
CVE-2026-3790 SourceCodester Sales and Inventory System POST Parameter check_supplier_details.php sql injection
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...
CVE-2026-3756 SourceCodester Sales and Inventory System check_item_details.php sql injection
A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
CVE-2026-3756
A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
CVE-2026-3753
A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2021-25202
SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php...