PT-2026-22605 · Sourcecodester · Personnel Property Equipment System
Thirtypenny77 · Published 2026-03-02 · Updated 2026-03-07 · CVE-2026-26702
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
sourcecodester Personnel Property Equipment System version 1.0
Description
The software is susceptible to SQL Injection in the /ppes/admin/myitem reuse.php file. The vulnerability allows for potential unauthorized access to or modification of the database. The vulnerable parameter is not specified. The myitem reuse.php file processes requests without sufficient sanitization of input data, potentially allowing an attacker to inject malicious SQL code.
Recommendations
Apply input validation and parameterized queries to the /ppes/admin/myitem reuse.php file to prevent SQL Injection.
Exploit
Fix
SQL injection
Weakness Enumeration
Related identifiers
Affected products
Personnel Property Equipment System