CVE-2026-4778 in Sales and Inventory System情報

要約

〜によって MITRE • 2026年03月25日

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file update_category.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

VulDB

公開

2026年03月25日

モデレーション

承諾済み

エントリ

VDB-352796

CPE

準備完了

CWE

CWE-89 (確認済み)

エクスプロイト

ダウンロード

CVSS

6.3 (CNA)

EPSS

0.00012

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4778
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4778
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4778/

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!