VYPR

Pharmacy Sales and Inventory System

by Sourcecodester

CVEs (72)

  • CVE-2026-10246LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create_medicine_presentation of the file /ShowForm/create_medicine_presentation/main. The manipulation of the argument medicine_presentation leads to cross site…

  • CVE-2026-10245LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function create_supplier of the file /ShowForm/create_supplier/main. Executing a manipulation of the argument company_name can lead to cross site scripting. The attack…

  • CVE-2026-10244LowJun 1, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function create_medicine_name of the file /ShowForm/create_medicine_name/main. Performing a manipulation of the argument medicine_name results in cross…

  • CVE-2026-7390LowApr 29, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely.…

  • CVE-2026-5810LowApr 8, 2026
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is…

  • CVE-2023-1363LowMar 13, 2023
    risk 0.23cvss 3.5epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is…

  • CVE-2023-1179LowMar 5, 2023
    risk 0.23cvss 3.5epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument company_name/province/city/phone_number leads…

  • CVE-2023-1131LowMar 1, 2023
    risk 0.23cvss 3.5epss 0.01

    A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site…

  • CVE-2026-8136LowMay 8, 2026
    risk 0.16cvss 2.4epss 0.00

    A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has…

  • CVE-2026-7281LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be…

  • CVE-2026-7269LowApr 28, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely.…

  • CVE-2026-30568Mar 27, 2026
    risk 0.00cvss epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the view_purchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML…

Page 4 of 4