A vulnerability marked as critical has been reported in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection.

This vulnerability is known as CVE-2026-15190. Remote exploitation of the attack is possible. Furthermore, an exploit is available.