CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/03/30 12:0 a.m.•4 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00051EPSS

Positive Technologies•added 2026/03/30 12:0 a.m.•4 views

PT-2026-29093

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file get contents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.00018EPSS

Exploits0References7

Cvelist•added 2026/03/30 12:0 a.m.•16 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

0.00066EPSS

CVE•added 2026/03/30 12:0 a.m.•4 views

CVE-2026-30562

SourceCodester Sales and Inventory System 1.0 contains a reflected XSS in add_stock.php via the msg parameter. The application does not sanitize user input, enabling an attacker to craft a URL that injects arbitrary script/html. There are no publicly provided exploit details in the connected docu...

9.3CVSS6AI score0.00074EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

Vulnrichment•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30557

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

Vulnrichment•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00066EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30561

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

Positive Technologies•added 2026/03/30 12:0 a.m.•2 views

PT-2026-29039

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

CVE•added 2026/03/30 12:0 a.m.•7 views

CVE-2026-30556

CVE-2026-30556 is a reflected XSS in SourceCodester Sales and Inventory System 1.0. The vulnerability is in index.php via the msg parameter, where input is not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML through a crafted URL. Connected documents confirm t...

6.1CVSS6AI score0.00021EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2026/03/30 12:0 a.m.•0 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6AI score0.00051EPSS

CVE•added 2026/03/30 12:0 a.m.•3 views

CVE-2026-30561

CVE-2026-30561 is a reflected XSS in SourceCodester Sales and Inventory System 1.0, triggered in add_purchase.php via the msg parameter. The input is not properly sanitized, allowing an attacker to craft a URL that injects arbitrary script/HTML when viewed by a victim. The connected documents con...

6.1CVSS6AI score0.00021EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2026/03/30 12:0 a.m.•1 views

CVE-2026-30561

Cvelist•added 2026/03/30 12:0 a.m.•12 views

CVE-2026-30562

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

0.00074EPSS

Exploits0References1

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00021EPSS

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00066EPSS

ATTACKERKB•added 2026/03/30 12:0 a.m.•2 views

CVE-2026-30560

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsupplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

CNNVD•added 2026/03/30 12:0 a.m.•3 views

SourceCodester RSS Feed Parser 代码问题漏洞

The SourceCodester RSS Feed Parser is an open-source rss feed parser developed by SourceCodester. Version 1.0 of the SourceCodester RSS Feed Parser has code vulnerabilities; these vulnerabilities stem from incorrect operations with the filegetcontents function, which may lead to server-side reque...

6.5CVSS6.7AI score0.00018EPSS

Exploits0References6

CNNVD•added 2026/03/30 12:0 a.m.•2 views

SourceCodester Sales and Inventory System 安全漏洞

6.1CVSS5.6AI score0.00021EPSS