CVE-2026-7087 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_sales ID sql injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability, which was classified as critical, has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of the argument ID results in sql injection.

This vulnerability is identified as CVE-2026-7087. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-7087 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_sales ID sql injection

Post correlati

CVE-2025-10183 | TecCom TecConnect 4.1 xml external entity reference

CVE-2026-23024 | Linux Kernel up to 6.18.5/6.19-rc4 flow_steer_list_lock memory leak

CVE-2024-10073 | flairNLP flair 0.14.0 Mode File Loader clustering.py ClusteringModel code injection

CVE-2025-24030 | Envoy Gateway up to 1.2.5 Kubernetes Cluster unprotected primary channel (GHSA-j777-63hf-hx76)