CVE-2026-7200

MEDIUM CVSS 4.3 View on NVD ↗

Description

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /index.php?page=types. Executing a manipulation of the argument ID can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

References

https://github.com/3436567162/vlun/issues/1
https://vuldb.com/submit/801111
https://vuldb.com/vuln/359801
https://vuldb.com/vuln/359801/cti
https://www.sourcecodester.com/

Published: Apr 28, 2026 00:16 UTC Modified: Apr 28, 2026 20:24 UTC