PT-2026-55754 · Sourcecodester · Multi-Vendor Online Groceries Management System
Chr1S
·
Published
2026-07-05
·
Updated
2026-07-05
·
CVE-2026-14691
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update settings info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Exploit
Fix
Special Elements Injection
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Multi-Vendor Online Groceries Management System