Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Sales and Inventory System: Supplier Details SQL Injection
CVE-2026-3790
Summary
The SourceCodester Sales and Inventory System is vulnerable to a SQL injection attack that can happen when a specific field is manipulated. This could allow unauthorized access to sensitive information. Update the system to the latest version to protect against this attack.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ahsanriaz26gmailcom | sales_and_inventory_system | 1.0 | – |
Original title
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file check_supplier_details.php of the component POST Param...
Original description
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file check_supplier_details.php of the component POST Parameter Handler. Executing a manipulation of the argument stock_name1 can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026