A SQL injection vulnerability has been identified in SourceCodester Pharmacy Sales and Inventory System version 1.0. The vulnerability exists in the /ajax.php file with the save_type action, where manipulation of the ID argument leads to SQL injection. The attack can be executed remotely and the exploit has been publicly disclosed. This affects unknown processing within the application and poses a significant security risk due to the remote attack vector and public availability of the exploit.