top of page
perceptive_background_267k.jpg

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save…

Published:

26 april 2026 om 22:00:00

Alert date:

27 april 2026 om 19:18:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A SQL injection vulnerability has been discovered in SourceCodester Pharmacy Sales and Inventory System version 1.0. The vulnerability affects the /ajax.php file with the save_sales action, where manipulation of the ID parameter leads to SQL injection. The attack can be performed remotely and the exploit has been publicly released, making it available for potential attacks. This represents a high-risk security flaw in pharmacy management software.

Technical details

Mitigation steps:

Affected products:

SourceCodester Pharmacy Sales and Inventory System

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7087
https://github.com/nidieaaa/test/issues/2
https://vuldb.com/submit/800060
https://vuldb.com/vuln/359662
https://vuldb.com/vuln/359662/cti
https://www.sourcecodester.com/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page