top of page
perceptive_background_267k.jpg

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete…

Published:

26 april 2026 om 22:00:00

Alert date:

27 april 2026 om 19:18:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A SQL injection vulnerability has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. The flaw exists in the /ajax.php file's delete_category function, where manipulation of the ID parameter leads to SQL injection. The vulnerability can be exploited remotely and exploit code has been publicly released. This affects the delete category functionality through AJAX requests. The high severity rating indicates significant risk to affected systems.

Technical details

Mitigation steps:

Affected products:

SourceCodester Pharmacy Sales and Inventory System

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7130
https://github.com/lonelyuan/vunls/issues/11
https://vuldb.com/submit/800975
https://vuldb.com/vuln/359729
https://vuldb.com/vuln/359729/cti
https://www.sourcecodester.com/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page