PT-2026-22663 · Sourcecodester · Pharmacy Point Of Sale System

Thirtypenny77

Publicado

2026-03-02

Atualizado

2026-03-06

CVE-2026-26704

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions sourcecodester Pharmacy Point of Sale System version 1.0

Description The sourcecodester Pharmacy Point of Sale System version 1.0 is susceptible to SQL Injection. The issue affects the /pharmacy/view category.php endpoint. The view category.php script does not properly sanitize user-supplied input, allowing attackers to inject malicious SQL code. The vulnerable parameter is not explicitly identified.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the /pharmacy/view category.php endpoint.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-26704

Produtos afetados

Pharmacy Point Of Sale System

PT-2026-22663 · Sourcecodester · Pharmacy Point Of Sale System

CVE-2026-26704

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10