Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.4 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00252EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/30 6:31 p.m.5 views

EUVD-2026-17099

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
NVD
NVD
added 2026/03/30 4:16 p.m.4 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6.1CVSS0.00252EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.22 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

0.00252EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.3 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
CVE
CVE
added 2026/03/30 12:0 a.m.12 views

CVE-2026-30560

Affected product: SourceCodester Sales and Inventory System 1.0. The CVE-2026-30560/vulnerability is a Reflected Cross-Site Scripting (XSS) in add_supplier.php via the msg parameter, due to inadequate input sanitization. Consequence: attackers can inject arbitrary web script/HTML through a crafte...

6.1CVSS6AI score0.00252EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter msg i...

6.1CVSS5.6AI score0.00252EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/03 12:26 a.m.8 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

6.1CVSS6.2AI score0.00192EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/02 6:30 p.m.5 views

EUVD-2025-200293

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

6.1CVSS5.6AI score0.00192EPSS
Exploits1References3
OSV
OSV
added 2025/12/02 6:15 p.m.4 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

6.1CVSS5.8AI score0.00192EPSS
Exploits1References2
NVD
NVD
added 2025/12/02 6:15 p.m.3 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

6.1CVSS0.00192EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.3 views

PT-2025-48737

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /product expiry/add-supplier.php via the Supplier Name field...

6.1CVSS6.2AI score0.00192EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/02 12:0 a.m.9 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

0.00192EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/02 12:0 a.m.2 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /productexpiry/add-supplier.php via the Supplier Name field...

5.8AI score0.00192EPSS
Exploits1References2
CVE
CVE
added 2025/12/02 12:0 a.m.9 views

CVE-2025-65215

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the Supplier Name field of /product_expiry/add-supplier.php. The issue is documented across multiple feeds (NVD, Red Hat, ENISA, CNNVD, CVE lists) with consistent description. Root caus...

6.1CVSS5.8AI score0.00192EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 3:58 a.m.6 views

CVE-2023-46450

Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting XSS via the Add supplier function...

5.4CVSS6.1AI score0.00431EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 2:58 a.m.10 views

CVE-2023-1179

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument companyname/province/city/phonenumber leads to cross site...

5.4CVSS6AI score0.00592EPSS
Exploits1References1
OSV
OSV
added 2025/04/20 1:15 p.m.2 views

CVE-2025-3826

A vulnerability, which was classified as problematic, was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the file add-supplier.php. The manipulation of the argument txtsuppliername/txtaddress leads to cross site scripting. It is possible ...

4.1CVSS4AI score0.00324EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/04/20 12:0 a.m.5 views

SourceCodester Web-based Pharmacy Product Management System 代码注入漏洞

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A code injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which is caused by incorrect...

4.8CVSS4.2AI score0.00324EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/10/26 3:15 p.m.4 views

CVE-2023-46450

Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting XSS via the Add supplier function...

5.4CVSS5.8AI score0.00431EPSS
Exploits2References3
Rows per page
Query Builder