CVE-2026-30566 in SourceCodester Sales and Inventory System
Resumen (Inglés)
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.
Responsable
MITRE
Reservar
2026-03-04
Divulgación
2026-03-30
Voces
| ID | Vulnerabilidad | CWE | Base | Temp | 0day | Hoy | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354195 | SourceCodester Sales and Inventory System Parameter view_customers.php secuencias de comandos en sitios cruzados | 79 | 4.3 | 4.2 | $0-$5k | $0-$5k | No está definido | 0.00000 | 2.38+ | No está definido | CVE-2026-30566 |