VYPR

Pharmacy Sales and Inventory System

by Sourcecodester

CVEs (72)

  • CVE-2026-30562CriMar 30, 2026
    risk 0.60cvss 9.3epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_stock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-9575HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated…

  • CVE-2026-9574HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched…

  • CVE-2026-9573HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated…

  • CVE-2026-8083HigMay 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made…

  • CVE-2026-7550HigMay 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2026-7549HigMay 1, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The…

  • CVE-2026-7199HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_product. Performing a manipulation of the argument ID results in sql injection. It is possible…

  • CVE-2026-7194HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2026-7130HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from…

  • CVE-2026-7128HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_type. Such manipulation of the argument ID leads to sql injection. The attack can be executed…

  • CVE-2026-7127HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is…

  • CVE-2026-7088HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched…

  • CVE-2026-7087HigApr 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely.…

  • CVE-2026-6189HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack…

  • CVE-2026-6188HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2026-6187HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The manipulation of the argument ID results in sql injection. The attack may be performed from…

  • CVE-2026-7392MedApr 29, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The…

  • CVE-2026-4826MedMar 26, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of…

  • CVE-2026-4825MedMar 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /update_sales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely.…

Page 1 of 4