High severity7.3NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2026-9447
CVE-2026-9447
Description
A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 1.0
Patches
Vulnerability mechanics
References
5News mentions
1- Sourcecodester: 19 CVEs Across Six Products Disclosed in Three-Day BatchVypr Intelligence · May 26, 2026