10 matches found
CVE-2026-4825
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...
CVE-2026-4825
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...
CVE-2026-4825 SourceCodester Sales and Inventory System HTTP GET Parameter update_sales.php sql injection
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...
CVE-2026-4825 SourceCodester Sales and Inventory System HTTP GET Parameter update_sales.php sql injection
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /updatesales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has be...
CVE-2026-4825
CVE-2026-4825 affects SourceCodester Sales and Inventory System 1.0. The vulnerability lies in the HTTP GET Parameter Handler for the file /update_sales.php, where manipulating the sid argument enables an SQL injection. The issue may be exploited remotely, and an exploit has been made public. No ...
PT-2026-28139
Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System version 1.0 Description A flaw exists in SourceCodester Sales and Inventory System 1.0 related to the handling of HTTP GET parameters. Specifically, the manipulation of the sid argument within the...
CVE-2026-2852
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2852
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2852
The CVE-2026-2852 issue affects yeqifu warehouse’s Sales Endpoint, specifically the SalesController.java functions addSales/updateSales/deleteSales in the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java. The vulnerability is caused by improper access cont...
warehouse 访问控制错误漏洞
Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the addSales, updateSales, and deleteSales...