VYPR

Sales And Inventory System

by Ahsanriaz26gmailcom

CVEs (36)

  • CVE-2026-3753MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /add_sales_print.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2026-30561MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_purchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30560MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30559MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_sales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30558MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_customer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30557MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30556MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary…

  • CVE-2026-30566MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30565MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_supplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30564MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_payments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30563MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the update_details.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated…

  • CVE-2026-30567MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…

  • CVE-2026-30571MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_category.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…

  • CVE-2026-30570MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a…

  • CVE-2026-30569MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_stock_availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to…

  • CVE-2021-25202Jul 22, 2021
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php.

Page 2 of 2