PT-2026-55758 · Sourcecodester · Multi-Vendor Online Groceries Management System
Chr1S
·
Published
2026-07-05
·
Updated
2026-07-05
·
CVE-2026-14695
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Multi-Vendor Online Groceries Management System