CVE-2026-7282 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=delete_expired ID sql injection

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability classified as critical has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation of the argument ID leads to sql injection.

This vulnerability is traded as CVE-2026-7282. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-7282 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=delete_expired ID sql injection

Post correlati

CVE-2024-7606 | Front End Users Plugin up to 3.2.28 on WordPress Shortcode cross site scripting

CVE-2024-50348 | InstantSoft icms2 up to 2.16.2 Photo Album Page cross site scripting (GHSA-f6cf-jg84-fw29)

CVE-2026-1200 | Live555 increaseBufferTo memory corruption

CVE-2024-49085 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 23H2 Routing/Remote Access Service integer overflow