Lucene search
K

205 matches found

Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.11 views

PT-2026-35543

Name of the Vulnerable Software and Affected Versions SourceCodester Pharmacy Sales and Inventory System version 1.0 Description SQL injection can be initiated remotely via the '/ajax.php?action=delete product' endpoint. The issue occurs when the ID argument is manipulated, allowing for...

7.5CVSS7.1AI score0.00265EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System has a SQL injection vulnerability, which arises from improper handling of the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.9 views

PT-2026-35431

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The...

5.3CVSS3.6AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.12 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.14 views

PT-2026-35353

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save sales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35430

A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save type. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit ha...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35432

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit ha...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.12 views

PT-2026-35354

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save receiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploi...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-22016

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/13 6:30 p.m.16 views

EUVD-2026-22012

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chkprodavailability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit i...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-22014

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 4:16 p.m.6 views

CVE-2026-6188

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/13 4:0 p.m.22 views

CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS0.00268EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 4:0 p.m.17 views

CVE-2026-6189

CVE-2026-6189 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in an unknown function in /ajax.php?action=login, where manipulating the Username argument enables a SQL injection. Attack is remote, with public exploits disclosed. Additional details (affecte...

7.5CVSS6.9AI score0.00268EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/13 3:45 p.m.32 views

CVE-2026-6188 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...

7.5CVSS0.00254EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 3:45 p.m.27 views

CVE-2026-6188

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in an unknown function of /ajax.php?action=delete_sales, triggered by manipulating the ID argument. The vulnerability can be exploited remotely and the exploit has been published. Affects the web application as descri...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 3:30 p.m.13 views

CVE-2026-6187

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=chk_prod_availability caused by manipulating the ID parameter. This vulnerability can be exploited remotely, with exploit publicly available. CVE-2026-6187 is documented with multiple CVSS scores (...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/13 3:30 p.m.33 views

CVE-2026-6187 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chkprodavailability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit i...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 3:30 p.m.3 views

CVE-2026-6187

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chkprodavailability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit i...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32400

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References6
Rows per page
Query Builder