295 matches found
CVE-2026-4571
A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewpayments.php of the component HTTP POST Request Handler. Performing a manipulation of the argument searchtxt results in sql injection...
CVE-2026-4571
CVE-2026-4571 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is in the HTTP POST handler for /view_payments.php, where manipulating the searchtxt parameter leads to SQL injection. The issue can be exploited remotely with a publicly released exploit (PoC). Impact details ...
CVE-2026-4568
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...
PT-2026-27041
Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System version 1.0. The issue is located in the HTTP GET Request Handler component, specifically within the...
CVE-2026-3792
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...
CVE-2026-3792
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...
CVE-2026-3791
A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...
CVE-2026-3791
CVE-2026-3791 affects SourceCodester Sales and Inventory System 1.0, specifically the file dashboard.php in the Search component. The issue arises from manipulating the argument searchtxt , causing a SQL Injection . The vulnerability can be exploited remotely, and the exploit has been disclosed p...
EUVD-2026-10280
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...
PT-2026-23990
Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A flaw exists in SourceCodester Sales and Inventory System 1.0 that allows for SQL injection. This issue is located within the check supplier details.php file and involves the...
CVE-2026-3770
A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-3762 SourceCodester Client Database Management System Endpoint superadmin_delete_manager.php improper authorization
A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmindeletemanager.php of the component Endpoint. The manipulation of the argument managerid leads to improper authorization. It is possible to initiate th...
EUVD-2026-10256
A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-3756
SourceCodester Sales and Inventory System (up to v1.0) contains a SQL injection vulnerability in the file /check_item_details.php. The issue arises from manipulating the stock_name1 argument in an unknown function within that file, which can be triggered remotely. Public exploitation is noted acr...
CVE-2026-3754
CVE-2026-3754 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is an SQL injection in the /add_stock.php module, triggered by manipulating the cost argument, with remote exploitation and a publicly available exploit. Multiple feeds consistently describe an unknown function...
CVE-2026-3754
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-3753
A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
SourceCodester Employee Task Management System SQL注入漏洞
SourceCodester Employee Task Management System is an open-source employee task management system developed by SourceCodester. Version 1.0 of the SourceCodester Employee Task Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the Date parameter in th...
PT-2026-23967
Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A SQL injection issue exists in SourceCodester Sales and Inventory System version 1.0. The issue is located in the /check item details.php file, within an unknown function...
CVE-2026-26883
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=deleteappointment...