CVE-2026-10246

SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79 CWE-94

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create_medicine_presentation of the file /ShowForm/create_medicine_presentation/main. The manipulation of the argument medicine_presentation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Affected products

SourceCodester · Pharmacy Sales and Inventory System

public PoCs found — 1

cve_referencegithub.com/timeflies123/cve/issues/4unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/timeflies123/cve/issues/4 https://vuldb.com/cve/CVE-2026-10246 https://vuldb.com/submit/823941 https://vuldb.com/vuln/367524 https://vuldb.com/vuln/367524/cti https://www.sourcecodester.com/