CVE-2026-4780 | SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_out_standing.php sid sql injection

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability marked as critical has been reported in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file update_out_standing.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection.

This vulnerability is reported as CVE-2026-4780. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-4780 | SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_out_standing.php sid sql injection

Post correlati

CVE-2025-9040 | Workhorse Software Services Municipal Accounting Software prior 1.9.4.48019 Database Backup improper authentication (ID 706118)

CVE-2025-40727 | Phoenix Site CMS GET Parameter /search s cross site scripting

CVE-2024-8660 | Concrete CMS up to 9.3.3 Top Navigator Bar cross site scripting

CVE-2024-13304 | Drupal Minify JS up to 3.0.2 cross-site request forgery