PT-2026-55754 · Sourcecodester · Multi-Vendor Online Groceries Management System

Chr1S

·

Published

2026-07-05

·

Updated

2026-07-05

·

CVE-2026-14691

CVSS v3.1

6.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update settings info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Exploit

Fix

Special Elements Injection

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14691

Affected Products

Multi-Vendor Online Groceries Management System