CVE-2026-7194

Affected software: SourceCodester Pharmacy Sales and Inventory System 1.0. Vulnerability location: the file /ajax.php?action=save_product. Vulnerability type / root cause: manipulation of the argument ID leads to a SQL injection vulnerability. Impact / exploitation: attack can be carried out remo...

CVE-2026-7129

CVE-2026-7129 applies to SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is an unspecified function in the file /index.php?page=categories where manipulating the argument ID triggers a cross-site scripting (XSS) flaw. It can be exploited remotely, and public exploits exi...

EUVD-2026-9205

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manageuser.php...

CVE-2026-26707

sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/viewsupplier.php...

CVE-2020-24862

The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases...