CVE-2026-7269

LOW CVSS 2.4 View on NVD ↗

Description

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

References

https://github.com/zulu225588/zulu-loudong/issues/3
https://vuldb.com/submit/802757
https://vuldb.com/submit/802758
https://vuldb.com/vuln/359920
https://vuldb.com/vuln/359920/cti
https://www.sourcecodester.com/

Published: Apr 28, 2026 13:19 UTC Modified: Apr 29, 2026 01:00 UTC