CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/03/30 6:31 p.m.•1 views

EUVD-2026-17135

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6AI score0.00021EPSS

NVD•added 2026/03/30 4:16 p.m.•2 views

CVE-2026-30558

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcustomer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6.1CVSS0.00021EPSS

NVD•added 2026/03/30 3:16 p.m.•2 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS0.00066EPSS

NVD•added 2026/03/30 3:16 p.m.•1 views

CVE-2026-30566

6.1CVSS0.00066EPSS

Vulnrichment•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00021EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30556

6AI score0.00021EPSS

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter limit...

6.1CVSS5.6AI score0.00066EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6.1CVSS6AI score0.00051EPSS

Cvelist•added 2026/03/30 12:0 a.m.•19 views

CVE-2026-30558

0.00021EPSS

RedhatCVE•added 2026/03/26 3:15 p.m.•2 views

CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

6.5CVSS6.5AI score0.00035EPSS

ATTACKERKB•added 2026/03/25 10:32 p.m.•1 views

CVE-2026-4825

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...

6.5CVSS6.4AI score0.00012EPSS

Exploits1References5Affected Software1

NVD•added 2026/03/24 10:16 p.m.•3 views

CVE-2026-4777

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

6.5CVSS0.00035EPSS

Cvelist•added 2026/03/24 9:42 p.m.•20 views

CVE-2026-4777 SourceCodester Sales and Inventory System POST Parameter view_supplier.php sql injection

6.5CVSS0.00035EPSS

Vulnrichment•added 2026/03/24 9:42 p.m.•3 views

CVE-2026-4777 SourceCodester Sales and Inventory System POST Parameter view_supplier.php sql injection

6.5CVSS6.5AI score0.00035EPSS

NVD•added 2026/03/23 5:16 a.m.•2 views

CVE-2026-4571

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewpayments.php of the component HTTP POST Request Handler. Performing a manipulation of the argument searchtxt results in sql injection...

6.5CVSS0.00035EPSS

RedhatCVE•added 2026/03/10 2:12 a.m.•5 views

CVE-2026-3793

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file salesinvoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to initiate the attack...

8.8CVSS6.5AI score0.00013EPSS

RedhatCVE•added 2026/03/10 2:12 a.m.•2 views

CVE-2026-3790

A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...

8.8CVSS6.5AI score0.00037EPSS

NVD•added 2026/03/09 2:15 a.m.•1 views

CVE-2026-3792

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

8.8CVSS0.00037EPSS

Vulnrichment•added 2026/03/09 1:32 a.m.•2 views

CVE-2026-3793 SourceCodester Sales and Inventory System GET Parameter sales_invoice1.php sql injection

6.5CVSS5.7AI score0.00013EPSS