CVE-2026-30566 in SourceCodester Sales and Inventory System
Sumário (Inglês)
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view_customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.
Responsável
MITRE
Reservar
04/03/2026
Divulgação
30/03/2026
Inscrições
| ID | Vulnerabilidade | CWE | Base | Temp | 0day | Hoje | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354195 | SourceCodester Sales and Inventory System Parameter view_customers.php Script de Site Cruzado | 79 | 4.3 | 4.2 | $0-$5k | $0-$5k | Não definido | 0.00000 | 2.38+ | Não definido | CVE-2026-30566 |