CVE-2026-3792
Received Received - Intake
SQL Injection in SourceCodester Sales Inventory purchase_invoice.php

Publication date: 2026-03-09

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchase_invoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-09
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2026-03-09
EPSS Evaluated
2026-05-05
NVD
CVE-2026-3792
EUVD
EUVD-2026-10282
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ahsanriaz26gmailcom sales_and_inventory_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

[{'type': 'paragraph', 'content': 'CVE-2026-3792 is a SQL injection vulnerability found in SourceCodester Sales and Inventory System version 1.0, specifically in the file purchase_invoice.php. The vulnerability arises from improper sanitization of the GET parameter "purchaseid", allowing an attacker to inject malicious SQL commands.'}, {'type': 'paragraph', 'content': 'This flaw enables attackers to manipulate SQL queries executed by the application, potentially compromising the confidentiality, integrity, and availability of the system. The vulnerability can be exploited remotely and requires authentication.'}, {'type': 'paragraph', 'content': 'The injection supports multiple techniques including UNION-based queries, Boolean-based blind injection, and time-based blind injection, allowing attackers to retrieve sensitive database information and enumerate database schema.'}] [1, 2, 3]


How can this vulnerability impact me? :

Exploitation of this vulnerability can lead to unauthorized access to sensitive data stored in the backend database, including potentially confidential business or customer information.

Attackers can retrieve, modify, or delete data by injecting arbitrary SQL commands, which compromises data integrity and availability.

The vulnerability can also be used to enumerate database structure, increasing the risk of further attacks.

Since the exploit is publicly available and can be performed remotely, the risk of attack is significant, especially if the system is exposed to the internet.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing the purchase_invoice.php endpoint with crafted SQL injection payloads targeting the purchaseid GET parameter.'}, {'type': 'paragraph', 'content': 'One effective method is to use sqlmap, an automated SQL injection tool, to scan and confirm the vulnerability.'}, {'type': 'list_item', 'content': 'Example sqlmap command: sqlmap -u "http://127.0.0.1:8089/purchase_invoice.php?purchaseid=PR3" --batch -v 6 --risk=3 --cookie "PHPSESSID=YOUR_COOKIE_HERE"'}, {'type': 'paragraph', 'content': 'Additionally, attackers or testers can use manual payloads such as UNION-based, boolean-based blind, or time-based blind SQL injection strings in the purchaseid parameter to verify the vulnerability.'}, {'type': 'list_item', 'content': "UNION-based payload example: purchaseid=PR3' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7162787171,0x68595375656a48764e49416542676f73764647584277616849704858684e4e76494e4a71726f6357,0x71786b6a71),NULL,...-- -"}, {'type': 'list_item', 'content': "Boolean-based blind payload example: purchaseid=PR3' AND 8776=8776 AND 'AuSo'='AuSo"}, {'type': 'list_item', 'content': "Time-based blind payload example: purchaseid=PR3' AND (SELECT 9448 FROM (SELECT(SLEEP(5)))wjTm) AND 'yFph'='yFph"}, {'type': 'paragraph', 'content': 'Google dorking can also help identify vulnerable targets by searching for URLs containing purchase_invoice.php, e.g., using the query: inurl:purchase_invoice.php'}] [1, 2]


What immediate steps should I take to mitigate this vulnerability?

No known countermeasures or mitigations have been documented for this vulnerability.

It is suggested to replace the affected component or product with an alternative that does not contain this vulnerability.

As an immediate step, restrict access to the vulnerable purchase_invoice.php endpoint and monitor for suspicious activity.

Implementing web application firewall (WAF) rules to detect and block SQL injection attempts targeting the purchaseid parameter may help reduce risk temporarily.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart