CVE-2026-30570 in Inventory System
Resumen (Inglés)
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Responsable
MITRE
Reservar
2026-03-04
Divulgación
2026-03-27
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 353987 | SourceCodester Inventory System Parameter view_sales.php secuencias de comandos en sitios cruzados | 79 | No está definido | No está definido | CVE-2026-30570 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV