CVE-2026-3792 | SourceCodester Sales and Inventory System 1.0 GET Parameter purchase_invoice.php purchaseid sql injection

Inserito da Angelo Barbosa | Mar 8, 2026 | CVE

A vulnerability labeled as critical has been found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchase_invoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection.

This vulnerability was named CVE-2026-3792. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-3792 | SourceCodester Sales and Inventory System 1.0 GET Parameter purchase_invoice.php purchaseid sql injection

Post correlati

CVE-2025-59739 | AndSoft e-TMS 25.03 LOGINFRM_original.ASP m os command injection

CVE-2025-21410 | Microsoft

CVE-2025-6921 | huggingface transformers up to 4.52.x _do_use_weight_decay resource consumption

CVE-2024-30672 | ROS Melodic Morenia unrestricted upload