CVE-2026-7392

· NIST NVD ↗

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

MEDIUM
CVSS severity
6.3
CVSS base score
2026-04-29
Published

CWE codes

CWE-74CWE-89

Sources