920 matches found
CVE-2026-30566
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...
PT-2026-29039
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...
CVE-2026-30565
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...
PT-2026-29053
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...
CVE-2026-30556
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...
CVE-2026-30557
CVE-2026-30557 : A reflected XSS vulnerability exists in the open‑source product SourceCodester Sales and Inventory System 1.0 . The flaw is in the file add_category.php via the query parameter msg , where input is not properly sanitized, enabling remote attackers to inject arbitrary web script/H...
CVE-2026-30558
CVE-2026-30558 describes a reflected Cross-Site Scripting (XSS) vulnerability in SourceCodester Sales and Inventory System 1.0. The flaw is in add_customer.php via the msg parameter, where user input is not properly sanitized, allowing an attacker to inject arbitrary script or HTML through a craf...
CVE-2026-30559
CVE-2026-30559 affects SourceCodester Sales and Inventory System 1.0. A Reflected Cross-Site Scripting (XSS) vulnerability exists in add_sales.php via the msg parameter, where input is not sanitized, allowing remote attackers to inject arbitrary script/HTML through a crafted URL. The CVSS basis i...
CVE-2026-30556
The CVE-2026-30556 entry concerns SourceCodester Sales and Inventory System 1.0, where index.php is vulnerable via the msg parameter. It is a reflected XSS caused by insufficient input sanitization, allowing remote attackers to inject arbitrary scripts/HTML when a crafted URL is visited. Corrobor...
CVE-2026-30563
A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...
CVE-2026-30567
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30571
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30568
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30569
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web...
EUVD-2026-16730
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
EUVD-2026-16700
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the viewstockavailability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...
EUVD-2026-16704
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
EUVD-2026-16702
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30567
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2026-30568
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...