Submit #768046: SourceCodester Inventory System 1.0 SQL Injectioninfo

TitleSourceCodester Inventory System 1.0 SQL Injection
DescriptionA SQL injection vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is found in the search functionality of the file dashboard.php. The manipulation of the POST parameter 'searchtxt' leads to boolean-based or time-based blind SQL injection. An authenticated attacker can exploit this to infer and exfiltrate database content.
Source⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-Dashboard-searchtxt.md
User
 Anonymous User
Submission02/26/2026 07:21 (1 month ago)
Moderation03/08/2026 08:24 (10 days later)
StatusAccepted
VulDB entry349758 [SourceCodester Sales and Inventory System 1.0 Search dashboard.php searchtxt sql injection]
Points19

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!