CVE-2026-30566 in SourceCodester Sales and Inventory System
Résumé (Anglaise)
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.
Responsable
MITRE
Réserver
04/03/2026
Divulgation
30/03/2026
Entrées
| ID | Vulnérabilité | CWE | Base | Temp | 0day | Aujourd'hui | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354195 | SourceCodester Sales and Inventory System Parameter view_customers.php cross site scripting | 79 | 4.3 | 4.2 | $0-$5k | $0-$5k | Non défini | 0.00000 | 2.53+ | Non défini | CVE-2026-30566 |