Lucene search
K

920 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.3 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6.1CVSS6AI score0.0021EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.4 views

PT-2026-29039

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00252EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.0021EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-29053

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6AI score0.00252EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.18 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

0.00252EPSS
Exploits1References1
CVE
CVE
added 2026/03/30 12:0 a.m.13 views

CVE-2026-30557

CVE-2026-30557 : A reflected XSS vulnerability exists in the open‑source product SourceCodester Sales and Inventory System 1.0 . The flaw is in the file add_category.php via the query parameter msg , where input is not properly sanitized, enabling remote attackers to inject arbitrary web script/H...

6.1CVSS6AI score0.00252EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/30 12:0 a.m.18 views

CVE-2026-30558

CVE-2026-30558 describes a reflected Cross-Site Scripting (XSS) vulnerability in SourceCodester Sales and Inventory System 1.0. The flaw is in add_customer.php via the msg parameter, where user input is not properly sanitized, allowing an attacker to inject arbitrary script or HTML through a craf...

6.1CVSS6AI score0.00252EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/30 12:0 a.m.11 views

CVE-2026-30559

CVE-2026-30559 affects SourceCodester Sales and Inventory System 1.0. A Reflected Cross-Site Scripting (XSS) vulnerability exists in add_sales.php via the msg parameter, where input is not sanitized, allowing remote attackers to inject arbitrary script/HTML through a crafted URL. The CVSS basis i...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/30 12:0 a.m.13 views

CVE-2026-30556

The CVE-2026-30556 entry concerns SourceCodester Sales and Inventory System 1.0, where index.php is vulnerable via the msg parameter. It is a reflected XSS caused by insufficient input sanitization, allowing remote attackers to inject arbitrary scripts/HTML when a crafted URL is visited. Corrobor...

6.1CVSS6AI score0.00252EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.23 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

0.00174EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00271EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.6 views

CVE-2026-30571

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.5 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30569

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16730

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16700

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00266EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16704

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16702

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References2
NVD
NVD
added 2026/03/27 6:16 p.m.13 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS0.00271EPSS
Exploits1References1
NVD
NVD
added 2026/03/27 6:16 p.m.5 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS0.00241EPSS
Exploits1References1
Rows per page
Query Builder