Submit #775174: SourceCodester Sales and Inventory System 1.0 SQL Injectioninfo

TitelSourceCodester Sales and Inventory System 1.0 SQL Injection
BeschreibungA SQL injection vulnerability exists in Inventory System version 1.0. The vulnerability occurs in the update_purchase.php file, where the sid HTTP GET parameter is not properly sanitized. This allows an authenticated attacker to inject arbitrary SQL commands.
Quelle⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdatePurchase-sid.md
Benutzer
 Anonymous User
Einreichung08.03.2026 15:31 (vor 30 Tagen)
Moderieren24.03.2026 16:12 (16 days later)
StatusAkzeptiert
VulDB Eintrag352799 [SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_purchase.php sid SQL Injection]
Punkte18

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!