SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2026-7129

Source VulDB

Published Apr 27, 2026 at 13:45

Modified Apr 27, 2026 at 14:42

Affected Product

Vendor SourceCodester

Product Pharmacy Sales and Inventory System

Version 1.0

Affected Versions SourceCodester Pharmacy Sales and Inventory System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.",
    "published": "2026-04-27T13:45:11.910Z",
    "modified": "2026-04-27T14:42:38.501Z",
    "type": "cve",
    "title": "SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359728\nhttps://vuldb.com/vuln/359728/cti\nhttps://vuldb.com/submit/800974\nhttps://github.com/lonelyuan/vunls/issues/12\nhttps://www.sourcecodester.com/",
    "id": "CVE-2026-7129",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Pharmacy Sales and Inventory System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Pharmacy Sales and Inventory System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting_CVE-2026-7129