17 matches found
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
EUVD-2026-17105
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
CVE-2026-30566
CVE-2026-30566 is a reflected Cross-Site Scripting (XSS) vulnerability in SourceCodester Sales and Inventory System 1.0. The flaw occurs in view_customers.php via the limit parameter, where input is not sanitized, allowing an attacker to inject arbitrary web script or HTML through a crafted URL. ...
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
SourceCodester Sales and Inventory System 安全漏洞
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter limit...
PT-2026-29033
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script ...
CVE-2026-4570
A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...
CVE-2026-4570
A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...
CVE-2026-4570
SourceCodester Sales and Inventory System 1.0 is affected by a SQL injection in the POST handler for /view_customers.php, caused by manipulation of the searchtxt parameter. This enables remote exploitation and is corroborated by multiple sources; an exploit is publicly available. Affected compone...
CVE-2026-4570 SourceCodester Sales and Inventory System HTTP POST Request view_customers.php sql injection
A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...
CVE-2026-4570 SourceCodester Sales and Inventory System HTTP POST Request view_customers.php sql injection
A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...
SourceCodester Sales and Inventory System SQL注入漏洞
The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper handling of the searchtxt...
PT-2026-27043
Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A flaw exists in SourceCodester Sales and Inventory System 1.0 related to the handling of HTTP POST requests. Specifically, manipulation of the searchtxt argument within a POST...
CVE-2024-2101
The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Customers' page and the...