top of page
perceptive_background_267k.jpg

A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /aj…

Published:

26 april 2026 om 22:00:00

Alert date:

27 april 2026 om 15:02:20

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A SQL injection vulnerability has been identified in SourceCodester Pharmacy Sales and Inventory System version 1.0. The vulnerability exists in the /ajax.php file with the save_type action, where manipulation of the ID argument leads to SQL injection. The attack can be executed remotely and the exploit has been publicly disclosed. This affects unknown processing within the application and poses a significant security risk due to the remote attack vector and public availability of the exploit.

Technical details

Mitigation steps:

Affected products:

SourceCodester Pharmacy Sales and Inventory System

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7128
https://github.com/lonelyuan/vunls/issues/13
https://vuldb.com/submit/800973
https://vuldb.com/vuln/359727
https://vuldb.com/vuln/359727/cti
https://www.sourcecodester.com/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page