CVE-2026-7392 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=delete_supplier ID sql injection

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability categorized as critical has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of the argument ID leads to sql injection.

This vulnerability is documented as CVE-2026-7392. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-7392 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=delete_supplier ID sql injection

Post correlati

CVE-2026-1847 | MongoDB Server up to 7.0.28/8.0.17 Large Document Insert allocation of resources

CVE-2025-14535 | UTT 进取 512W up to 3.1.7.7-171114 formConfigFastDirectionW strcpy ssid buffer overflow

CVE-2025-53349 | Laborator Kalium Plugin up to 3.18.3 on WordPress cross site scripting

CVE-2026-2830 | WP All Import Pro Plugin up to 4.0.0 on WordPress filepath cross site scripting