CVE-2026-7194 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_product ID sql injection

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability marked as critical has been reported in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument ID causes sql injection.

This vulnerability is tracked as CVE-2026-7194. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-7194 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_product ID sql injection

Post correlati

CVE-2026-33345 | solidtime-io solidtime up to 0.11.5 Project Detail Endpoint projects index authorization

CVE-2026-6031 | code-projects Simple IT Discussion Forum 1.0 add-category-function.php Category sql injection

CVE-2024-57925 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 smb2_send_interim_resp return value

CVE-2025-5183 | Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 Header Host redirect