CVE-2026-30563 in SourceCodester Sales and Inventory Systeminfo

Zusammenfassung (Englisch)

A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the update_details.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject arbitrary web script or HTML that is stored in the database and executed whenever the store details page is accessed.

Zuständig

MITRE

Reservieren

04.03.2026

Veröffentlichung

30.03.2026

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
354200	SourceCodester Sales and Inventory System POST update_details.php Cross Site Scripting	79	Nicht definiert	Nicht definiert	CVE-2026-30563

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!