Posts of last 24 hours
A vulnerability described as critical has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection.
This vulnerability is known as CVE-2026-14695. It is possible to launch the attack remotely. Furthermore, an exploit is available.
https://vuldb.com/vuln/376291
A vulnerability marked as critical has been reported in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection.
This vulnerability is traded as CVE-2026-14694. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
https://vuldb.com/vuln/376290
A vulnerability labeled as critical has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancel_order of the file classes/Master.php. Executing a manipulation can lead to improper authorization.
This vulnerability appears as CVE-2026-14693. The attack may be performed from remote. In addition, an exploit is available.
https://vuldb.com/vuln/376289
A vulnerability identified as critical has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function save_shop_type of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection.
This vulnerability is reported as CVE-2026-14692. The attack is possible to be carried out remotely. Moreover, an exploit is present.
https://vuldb.com/vuln/376288
A vulnerability categorized as critical has been discovered in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection.
This vulnerability is documented as CVE-2026-14691. The attack can be executed remotely. Additionally, an exploit exists.
https://vuldb.com/vuln/376287
Безопасность довели до абсурда. Обновлённая модель блокирует запросы программистов даже без реальной угрозы.
https://www.securitylab.ru/news/574429.php
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. It has been rated as critical. This affects the function save_users of the file classes/Users.php. This manipulation causes improper authorization.
This vulnerability is registered as CVE-2026-14690. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
https://vuldb.com/vuln/376286
Submit #846835 / VDB-376291
https://vuldb.com/submit/846835
Submit #846834 / VDB-376290
https://vuldb.com/submit/846834
Submit #846833 / VDB-376289
https://vuldb.com/submit/846833