Lucene search
+L

205 matches found

CNNVD
CNNVD
added 2026/05/01 12:0 a.m.13 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System has a SQL injection vulnerability, which arises from incorrect handling of the...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/29 4:45 p.m.4 views

CVE-2026-7392 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_supplier sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function deletesupplier of the file /ajax.php?action=deletesupplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/29 4:45 p.m.13 views

CVE-2026-7392

CVE-2026-7392 involves a SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability affects the function delete_supplier in the file /ajax.php?action=delete_supplier, where manipulation of the argument ID can lead to a SQL injection. The issue can be exploited remo...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/29 4:45 p.m.38 views

CVE-2026-7392 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_supplier sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function deletesupplier of the file /ajax.php?action=deletesupplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/29 4:15 p.m.3 views

CVE-2026-7391

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function savesupplier of the file /ajax.php?action=savesupplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publish...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/29 4:15 p.m.12 views

CVE-2026-7391

CVE-2026-7391 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function save_supplier in /ajax.php?action=save_supplier, where manipulation of the ID parameter enables SQL injection. This allows remote exploitation, and a public exploit has been publis...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/29 3:45 p.m.8 views

EUVD-2026-26253

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

5.1CVSS3.6AI score0.00195EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/29 3:45 p.m.36 views

CVE-2026-7390 SourceCodester Pharmacy Sales and Inventory System index.php customer cross site scripting

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

5.1CVSS0.00195EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/29 2:49 p.m.6 views

CVE-2026-7269

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS3.3AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.9 views

PT-2026-35955

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save supplier of the file /ajax.php?action=save supplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.6 views

PT-2026-35958

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete supplier of the file /ajax.php?action=delete supplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.5 views

PT-2026-35954

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

5.1CVSS3.6AI score0.00195EPSS
Exploits0References6
NVD
NVD
added 2026/04/28 3:16 p.m.5 views

CVE-2026-7282

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function deleteexpired of the file /ajax.php?action=deleteexpired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

5.8CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 2:16 p.m.5 views

CVE-2026-7281

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 2:15 p.m.6 views

EUVD-2026-26066

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function saveexpired of the file /ajax.php?action=saveexpired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit ha...

5.8CVSS5.1AI score0.00263EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:30 p.m.4 views

CVE-2026-7282

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function deleteexpired of the file /ajax.php?action=deleteexpired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

5.8CVSS5.1AI score0.00206EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/28 1:30 p.m.34 views

CVE-2026-7282 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_expired sql injection

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function deleteexpired of the file /ajax.php?action=deleteexpired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

5.8CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 1:19 p.m.7 views

CVE-2026-7269

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS0.0021EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/28 1:15 p.m.6 views

EUVD-2026-26051

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS3AI score0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 1:15 p.m.5 views

CVE-2026-7281 SourceCodester Pharmacy Sales and Inventory System index.php supplier cross site scripting

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS3AI score0.00206EPSS
Exploits0References5
Rows per page
Query Builder