← back
CVE-2026-10235

CodeAstro Ingredients Stock Management System stock_manager.php sql injection

CVSS 5.3 MEDIUMEPSS 0.2%CWE-74CWE-89
A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stock_manager.php. This manipulation of the argument txt_search_category causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
CodeAstro · Ingredients Stock Management System
public PoCs found1
cve_referencegithub.com/Pluto2362/CVE/issues/1unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://codeastro.com/https://github.com/Pluto2362/CVE/issues/1https://vuldb.com/cve/CVE-2026-10235https://vuldb.com/submit/823086https://vuldb.com/vuln/367514https://vuldb.com/vuln/367514/cti