CVE-2024-5098

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Inventory System version 1.0

Description: A critical issue has been found in the SourceCodester Simple Inventory System, affecting an unknown functionality of the file login.php. The manipulation of the username argument leads to SQL injection. The exploit has been disclosed to the public and may be used.

Recommendations: For SourceCodester Simple Inventory System version 1.0, update the system to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the login.php file or disabling the SQL injection vulnerability in the username argument until a patch is available. Avoid using the username argument in the affected login.php file until the issue is resolved.