CVE-2026-4779 | SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_customer_details.php sid sql injection

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability labeled as critical has been found in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file update_customer_details.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection.

This vulnerability is documented as CVE-2026-4779. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-4779 | SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_customer_details.php sid sql injection

Post correlati

CVE-2025-64504 | Langfuse up to 2.95.10/3.124.0 API information exposure (GHSA-94hf-6gqq-pj69)

CVE-2022-48728 | Linux Kernel up to 5.10.98/5.15.21/5.16.7 hfi1_ipoib_setup_rn null pointer dereference

CVE-2024-40830 | Apple iOS/iPadOS up to 17.7 information disclosure

CVE-2022-49002 | Linux Kernel up to 6.0.11 iommu dmar_dev_scope_init reference count