CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/30 3:16 p.m.•3 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS0.00066EPSS

NVD•added 2026/03/30 3:16 p.m.•1 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6.1CVSS0.00066EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30557

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

CVE•added 2026/03/30 12:0 a.m.•3 views

CVE-2026-30559

CVE-2026-30559 is a reflected XSS in SourceCodester Sales and Inventory System 1.0. The flaw occurs in add_sales.php via the non-sanitized msg parameter, allowing an attacker to craft a URL that injects arbitrary script/HTML. The available documents do not specify exploit in the wild or concrete ...

6.1CVSS6AI score0.00021EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•3 views

CVE-2026-30559

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

Vulnrichment•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00066EPSS

Positive Technologies•added 2026/03/30 12:0 a.m.•3 views

PT-2026-29044

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add stock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

6AI score0.00074EPSS

Exploits0References2

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester Sales and Inventory System 安全漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a security vulnerability. This vulnerability stems from improper cleaning of the parameter msg i...

6.1CVSS5.6AI score0.00021EPSS

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00021EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•2 views

CVE-2026-30565

CVE•added 2026/03/30 12:0 a.m.•7 views

CVE-2026-30560

SourceCodester Sales and Inventory System 1.0 contains a Reflected XSS in add_supplier.php through the msg parameter. The app does not sanitize input, allowing an attacker to craft a URL that injects arbitrary script/HTML. No exploitation details or patches are provided in the documents. Practica...

6.1CVSS6AI score0.00021EPSS

Positive Technologies•added 2026/03/30 12:0 a.m.•2 views

PT-2026-29031

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view payments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

Vulnrichment•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

Positive Technologies•added 2026/03/30 12:0 a.m.•4 views

PT-2026-29032

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view supplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

Cvelist•added 2026/03/30 12:0 a.m.•14 views

CVE-2026-30557

0.00021EPSS

CVE•added 2026/03/30 12:0 a.m.•4 views

CVE-2026-30564

CVE-2026-30564 describes a Reflected Cross-Site Scripting (XSS) in SourceCodester Sales and Inventory System 1.0, specifically in the view_payments.php file via the input parameter “limit.” The vulnerability stems from insufficient sanitization of the input, allowing a remote attacker to craft a ...

Positive Technologies•added 2026/03/30 12:0 a.m.•2 views

PT-2026-29053

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

CVE•added 2026/03/30 12:0 a.m.•6 views

CVE-2026-30558

SourceCodester Sales and Inventory System 1.0 contains a reflected XSS in add_customer.php via the msg parameter. The input is not sanitized, allowing a crafted URL to inject arbitrary script/HTML. Impact is web-based script execution when the link is visited; exploitation details are not provide...

6.1CVSS6AI score0.00021EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30566