18 matches found

Cvelist
added 2026/04/28 11:0 a.m., 34 views

CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVSS 6.5, EPSS 0.00192
Exploits: 0, References: 5

CVE
added 2026/04/28 11:0 a.m., 10 views

CVE-2026-7267

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 6.5, AI score 6.3, EPSS 0.00192
Exploits: 0, References: 5

EUVD
added 2026/03/27 6:31 p.m., 3 views

EUVD-2026-16728

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

AI score 6, EPSS 0.00271
Exploits: 1, References: 2

NVD
added 2026/03/27 6:16 p.m., 13 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVSS 6.1, EPSS 0.00271
Exploits: 1, References: 1

CVE
added 2026/03/27 12:0 a.m., 8 views

CVE-2026-30567

CVE-2026-30567 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, specifically in the view_product.php script via the input parameter “limit.” The root cause is lack of input sanitization, allowing an attacker to inject arbitrary script or HTML through a crafted URL. The ...

CVSS 6.1, AI score 6, EPSS 0.00271
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2026/03/27 12:0 a.m., 26 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

EPSS 0.00271
Exploits: 1, References: 1

Vulnrichment
added 2026/03/23 4:18 a.m., 3 views

CVE-2026-4572 SourceCodester Sales and Inventory System HTTP POST Request view_product.php sql injection

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

CVSS 6.5, AI score 5.7, EPSS 0.00245
Exploits: 1, References: 5

OSV
added 2026/03/02 6:16 p.m., 2 views

CVE-2026-26705

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewproduct.php...

CVSS 9.8, AI score 5.9
Exploits: 0, References: 1

NVD
added 2026/03/02 6:16 p.m., 8 views

CVE-2026-26705

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewproduct.php...

CVSS 9.8, EPSS 0.00393
Exploits: 1, References: 1

CNNVD
added 2026/03/02 12:0 a.m., 4 views

Pharmacy Point Of Sale System Security Vulnerability

The Pharmacy Point Of Sale System is a web-based application developed by Carlo Montero. It is used to help a pharmacy manage its sales transactions. Version 1.0 of the Pharmacy Point Of Sale System has a security vulnerability, which stems from an SQL injection vulnerability in the...

CVSS 9.8, AI score 5.8, EPSS 0.00393
Exploits: 1, References: 2

CVE
added 2026/03/02 12:0 a.m., 9 views

CVE-2026-26705

The CVE-2026-26705 entry concerns sourcecodester Pharmacy Point of Sale System v1.0, vulnerable to SQL Injection in /pharmacy/view_product.php due to insufficient input validation. Documentation confirms the issue and impact (high confidentiality, integrity, and availability), with a CVSS v3.1 ba...

CVSS 9.8, AI score 6, EPSS 0.00393
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2024/05/16 4:15 a.m., 4 views

CVE-2024-4930

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=viewprod. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVSS 8.8, AI score 5.8, EPSS 0.0052
Exploits: 1, References: 4

CNNVD
added 2024/03/04 12:0 a.m., 2 views

Online Mobile Management Store SQL Injection Vulnerability

Online Mobile Management Store is an online mobile store management system. A SQL injection vulnerability exists in Online Mobile Management Store version 1.0, which originates from a SQL injection vulnerability in the parameter id of the file viewproduct.php...

CVSS 9.8, AI score 7.9, EPSS 0.00634
Exploits: 1, References: 4

OSV
added 2023/04/21 10:15 a.m., 3 views

CVE-2023-2212

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/products/viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVSS 7.5, AI score 5.7, EPSS 0.00607
Exploits: 1, References: 3

OSV
added 2022/12/14 5:15 p.m., 2 views

CVE-2022-46117

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=viewproduct&id=...

CVSS 7.2, AI score 5.8
Exploits: 0, References: 1

OSV
added 2022/11/25 6:15 p.m., 4 views

CVE-2022-44858

Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/viewproduct.php...

CVSS 7.2, AI score 5.8, EPSS 0.00756
Exploits: 1, References: 1

OSV
added 2022/07/14 10:15 p.m., 3 views

CVE-2022-32415

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/?p=products/viewproduct&id=...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 1

ATTACKERKB
added 2022/05/20 1:15 p.m., 6 views

CVE-2022-26632

Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/viewproduct.php...

CVSS 9.8, AI score 5.9, EPSS 0.0162
Exploits: 1, References: 2