ReportizFlow
Filtered by vendor Sourcecodester
Subscriptions
Filtered by product Simple Pos And Inventory System
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9447 | 1 Sourcecodester | 1 Simple Pos And Inventory System | 2026-05-25 | 7.3 High |
| A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-9446 | 1 Sourcecodester | 1 Simple Pos And Inventory System | 2026-05-25 | 4.7 Medium |
| A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit_customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-9445 | 1 Sourcecodester | 1 Simple Pos And Inventory System | 2026-05-25 | 6.3 Medium |
| A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-9444 | 1 Sourcecodester | 1 Simple Pos And Inventory System | 2026-05-25 | 4.7 Medium |
| A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. | ||||
Page 1 of 1.