CVE-2026-7550

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://github.com/khairulazly760530-cell/cves/issues/2
https://vuldb.com/submit/805539
https://vuldb.com/vuln/360360
https://vuldb.com/vuln/360360/cti
https://www.sourcecodester.com/

Published: May 01, 2026 05:16 UTC Modified: May 01, 2026 15:26 UTC