Sourcecodester Pharmacy Sales And Inventory System vulnerabilities

CVE-2026-6188 [MEDIUM] CWE-74 CVE-2026-6188: A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unkn A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVE-2026-6187 [MEDIUM] CWE-74 CVE-2026-6187: A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue a A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

CVE-2026-6189 [MEDIUM] CWE-74 CVE-2026-6189: A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affect A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.