216627 matches found

Cvelist
added 2026/03/23 5:1 a.m. | 40 views

CVE-2026-4573 SourceCodester Simple E-learning System HTTP GET Parameter delete_post.php sql injection

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

CVSS 6.5 | EPSS 0.00196
Exploits: 0 | References: 5

ATTACKERKB
added 2026/03/23 4:18 a.m. | 3 views

CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

CVSS 6.5 | AI score 6.5 | EPSS 0.00245
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/03/23 4:18 a.m. | 3 views

CVE-2026-4572 SourceCodester Sales and Inventory System HTTP POST Request view_product.php sql injection

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

CVSS 6.5 | AI score 5.7 | EPSS 0.00245
Exploits: 1 | References: 5

CVE
added 2026/03/23 4:18 a.m. | 8 views

CVE-2026-4572

The CVE-2026-4572 entry identifies a vulnerability in SourceCodester Sales and Inventory System 1.0. The flaw affects the file /view_product.php, specifically the HTTP POST parameter searchtxt, where manipulation can lead to a SQL Injection. It is described as exploitable remotely and with a publ...

CVSS 6.5 | AI score 6.5 | EPSS 0.00245
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2026/03/23 3:41 a.m. | 7 views

CVE-2026-4571

CVE-2026-4571 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is in the HTTP POST handler for /view_payments.php, where manipulating the searchtxt parameter leads to SQL injection. The issue can be exploited remotely with a publicly released exploit (PoC). Impact details ...

CVSS 6.5 | AI score 6.5 | EPSS 0.00245
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/03/23 3:41 a.m. | 3 views

CVE-2026-4570 SourceCodester Sales and Inventory System HTTP POST Request view_customers.php sql injection

A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...

CVSS 6.5 | AI score 5.8 | EPSS 0.00295
Exploits: 1 | References: 5

CVE
added 2026/03/23 3:41 a.m. | 19 views

CVE-2026-4570

SourceCodester Sales and Inventory System 1.0 is affected by a SQL injection in the POST handler for /view_customers.php, caused by manipulation of the searchtxt parameter. This enables remote exploitation and is corroborated by multiple sources; an exploit is publicly available. Affected compone...

CVSS 8.8 | AI score 6.5 | EPSS 0.00295
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2026/03/23 2:59 a.m. | 29 views

CVE-2026-4569 SourceCodester Sales and Inventory System HTTP POST Request view_category.php sql injection

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /viewcategory.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is...

CVSS 6.5 | EPSS 0.0025
Exploits: 1 | References: 5

ATTACKERKB
added 2026/03/23 2:59 a.m. | 4 views

CVE-2026-4569

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /viewcategory.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is...

CVSS 6.5 | AI score 5.7 | EPSS 0.0025
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2026/03/23 2:59 a.m. | 9 views

CVE-2026-4569

CVE-2026-4569 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is a SQL injection in /view_category.php (HTTP POST Handler) via the searchtxt parameter. Exploitation is remote and publicly disclosed. Impact concerns data confidentiality and integrity; exploitation details ...

CVSS 6.5 | AI score 6.5 | EPSS 0.0025
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2026/03/23 2:12 a.m. | 9 views

CVE-2026-4568

CVE-2026-4568 affects SourceCodester Sales and Inventory System 1.0. The vulnerability resides in the HTTP GET handler for /update_supplier.php, where manipulating the sid parameter yields an SQL injection. It is a network-accessible issue with LOW privilege requirements and no user interaction, ...

CVSS 6.5 | AI score 6.3 | EPSS 0.0031
Exploits: 1 | References: 5 | Affected Software: 1

ATTACKERKB
added 2026/03/23 2:12 a.m. | 1 view

CVE-2026-4568

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...

CVSS 6.5 | AI score 6.4 | EPSS 0.0031
Exploits: 1 | References: 8 | Affected Software: 1

Cvelist
added 2026/03/23 2:12 a.m. | 31 views

CVE-2026-4568 SourceCodester Sales and Inventory System HTTP GET Request update_supplier.php sql injection

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...

CVSS 6.5 | EPSS 0.0031
Exploits: 1 | References: 5

EUVD
added 2026/03/23 2:12 a.m. | 3 views

EUVD-2026-14351

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...

CVSS 6.5 | AI score 5.6 | EPSS 0.0031
Exploits: 1 | References: 5

NVD
added 2026/03/23 12:16 a.m. | 3 views

CVE-2026-2580

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 4.9.1 due to insufficient escaping on the user supplied parameter and lack of...

CVSS 7.5 | EPSS 0.00444
Exploits: 0 | References: 4

CNNVD
added 2026/03/23 12:0 a.m. | 5 views

ERUPT security vulnerability

ERUPT is a low-code + AI-based framework developed by YuePeng, a personal developer in China. Version 1.13.3 of ERUPT contains a security vulnerability. This vulnerability stems from incorrect operations on the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java in the MCP Tool...

CVSS 6.5 | AI score 6.6 | EPSS 0.00192
Exploits: 0 | References: 4

Positive Technologies
added 2026/03/23 12:0 a.m. | 6 views

PT-2026-27103

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checklogin.php of the component Parameters Handler. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The explo...

CVSS 7.5 | AI score 5.6 | EPSS 0.00354
Exploits: 1 | References: 6

Packet Storm
added 2026/03/23 12:0 a.m. | 124 views

OpenEMR 8.0.0 Authenticated SQL Injection

OpenEMR version 8.0.0 authenticated remote SQL injection exploit that leverages the name parameter in ajax/graphs.php. Title: OpenEMR 8.0.0 Authenticated SQL Injection via nam...

CVSS 8.8 | AI score 5.9 | EPSS 0.00327
Exploits: 2

Positive Technologies
added 2026/03/23 12:0 a.m. | 5 views

PT-2026-27258

A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVSS 7.5 | AI score 6.9 | EPSS 0.00259
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/23 12:0 a.m. | 7 views

PT-2026-27042

Name of the Vulnerable Software and Affected Versions: SourceCodester Sales and Inventory System version 1.0. Description: A SQL injection issue exists in SourceCodester Sales and Inventory System 1.0. The issue is related to the manipulation of the searchtxt argument within an HTTP POST request to...

CVSS 6.5 | AI score 6.6 | EPSS 0.0025
Exploits: 1 | References: 10