VYPR

Vendor CVEs

Ahsanriaz26gmailcom

All CVEs

36 total · sorted by risk
  • CVE-2026-30562CriMar 30, 2026
    risk 0.60cvss 9.3epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_stock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-4826MedMar 26, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of…

  • CVE-2026-4825MedMar 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file /update_sales.php of the component HTTP GET Parameter Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely.…

  • CVE-2026-4781MedMar 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file update_purchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may…

  • CVE-2026-4780MedMar 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file update_out_standing.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is…

  • CVE-2026-4779MedMar 24, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file update_customer_details.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql…

  • CVE-2026-4778MedMar 24, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file update_category.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation…

  • CVE-2026-4777MedMar 24, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file view_supplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be…

  • CVE-2026-4572MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /view_product.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql…

  • CVE-2026-4571MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_payments.php of the component HTTP POST Request Handler. Performing a manipulation of the argument searchtxt results…

  • CVE-2026-4570MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /view_customers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be…

  • CVE-2026-4569MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of…

  • CVE-2026-4568MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /update_supplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched…

  • CVE-2026-3793MedMar 9, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file sales_invoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to…

  • CVE-2026-3792MedMar 9, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchase_invoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed…

  • CVE-2026-3791MedMar 9, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to…

  • CVE-2026-3790MedMar 9, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file check_supplier_details.php of the component POST Parameter Handler. Executing a manipulation of the argument stock_name1 can lead to sql…

  • CVE-2026-3756MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /check_item_details.php. The manipulation of the argument stock_name1 leads to sql injection. The attack may be initiated remotely. The exploit is…

  • CVE-2026-3755MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /check_customer_details.php of the component POST Handler. Executing a manipulation of the argument stock_name1 can lead to sql injection. The attack can…

  • CVE-2026-3754MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /add_stock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made…

  • CVE-2026-3753MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /add_sales_print.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2026-30561MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_purchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30560MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30559MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_sales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30558MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_customer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30557MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_category.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30556MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary…

  • CVE-2026-30566MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30565MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_supplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30564MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_payments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject…

  • CVE-2026-30563MedMar 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the update_details.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated…

  • CVE-2026-30567MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_product.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…

  • CVE-2026-30571MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_category.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via…

  • CVE-2026-30570MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a…

  • CVE-2026-30569MedMar 27, 2026
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_stock_availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to…

  • CVE-2021-25202Jul 22, 2021
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php.