CVE-2026-7088 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_receiving ID sql injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulation of the argument ID can lead to sql injection.

This vulnerability is tracked as CVE-2026-7088. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-7088 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_receiving ID sql injection

Post correlati

CVE-2025-49869 | Arraytics Eventin Plugin up to 4.0.31 on WordPress deserialization

CVE-2024-5483 | LearnPress Plugin up to 4.2.6.8 on WordPress JSON API information disclosure

CVE-2024-12772 | Ninja Tables Plugin up to 5.0.16 on WordPress CSV Import cross site scripting

CVE-2023-53512 | Linux Kernel up to 5.10.172/5.15.98/6.1.15/6.2.2 scsi kfree memory leak