← volver
CVE-2026-3791

SourceCodester Sales and Inventory System Search dashboard.php sql injection

CVSS 5.3 MEDIUMEPSS 0.3%CWE-74CWE-89
A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
SourceCodester · Sales and Inventory System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-Dashboard-searchtxt.mdhttps://vuldb.com/?ctiid.349758https://vuldb.com/?id.349758https://vuldb.com/?submit.768046https://www.sourcecodester.com/