Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
SourceCodester Sales and Inventory System Can Be Hacked Through Web Address
CVE-2026-5810
Summary
The SourceCodester Sales and Inventory System version 1.0 contains a security weakness that can be exploited by hackers to inject malicious code into the system. This could allow unauthorized access to sensitive data and disrupt normal system operations. Update to the latest version to fix this issue.
Original title
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argu...
Original description
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used.
nvd CVSS2.0
4.0
nvd CVSS3.1
3.5
nvd CVSS4.0
5.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026