CVE-2026-4779

Medium CVSS: 5.3

A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file update_customer_details.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Vendor

Product

CWE

CWE-74

Yayın Tarihi

2026-03-24 23:17:12

Güncelleme

2026-03-25 15:41:58

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 MEDIUM 2026

Referanslar

https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdateCustomerDetails-sid.md https://vuldb.com/?ctiid.352797 https://vuldb.com/?id.352797 https://vuldb.com/?submit.775172 https://www.sourcecodester.com/