A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
References
| Link | Resource |
|---|---|
| https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdateStock-sid.md | Exploit Third Party Advisory |
| https://vuldb.com/?ctiid.353126 | Permissions Required VDB Entry |
| https://vuldb.com/?id.353126 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.775177 | Third Party Advisory VDB Entry |
| https://www.sourcecodester.com/ | Product |
Configurations
History
07 Apr 2026, 18:22
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdateStock-sid.md - Exploit, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.353126 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.353126 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.775177 - Third Party Advisory, VDB Entry | |
| References | () https://www.sourcecodester.com/ - Product | |
| First Time |
Ahsanriaz26gmailcom
Ahsanriaz26gmailcom sales And Inventory System |
|
| CPE | cpe:2.3:a:ahsanriaz26gmailcom:sales_and_inventory_system:1.0:*:*:*:*:*:*:* |
27 Mar 2026, 23:17
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| Summary | (en) A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /update_stock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. |
26 Mar 2026, 00:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-03-26 00:16
Updated : 2026-06-17 10:57
NVD link : CVE-2026-4826
Mitre link : CVE-2026-4826
CVE.ORG link : CVE-2026-4826
JSON object : View
Products Affected
ahsanriaz26gmailcom
- sales_and_inventory_system
