Search Results (6 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14695 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 7.3 High
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
CVE-2026-14694 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 6.3 Medium
A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-14693 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 5.4 Medium
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancel_order of the file classes/Master.php. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used.
CVE-2026-14692 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 6.3 Medium
A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function save_shop_type of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVE-2026-14691 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 6.3 Medium
A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-14690 1 Sourcecodester 1 Multi-vendor Online Grocery Management System 2026-07-05 7.3 High
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_users of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.