CVE-2026-4780
SQL Injection in SourceCodester Sales Inventory System (update_out_standing.php
Publication date: 2026-03-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ahsanriaz26gmailcom | sales_and_inventory_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-4780 is a SQL Injection vulnerability found in SourceCodester Sales and Inventory System version 1.0, specifically in the update_out_standing.php file. The issue arises because the application does not properly sanitize the 'sid' parameter in HTTP GET requests. This allows authenticated attackers to inject arbitrary SQL commands into the backend MySQL database."}, {'type': 'paragraph', 'content': 'The injection supports multiple techniques including UNION-based queries with up to 23 columns, Boolean-based blind SQL injection, and Time-based blind SQL injection. Exploiting this vulnerability enables attackers to retrieve and display sensitive data, enumerate database schema, and potentially manipulate the database.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'This vulnerability can have serious impacts if exploited. Attackers who are authenticated can remotely execute arbitrary SQL commands on the backend database. This can lead to unauthorized access to sensitive data stored in the database.'}, {'type': 'list_item', 'content': 'Exfiltration of sensitive data by retrieving database contents.'}, {'type': 'list_item', 'content': 'Enumeration of the database schema, including tables and columns.'}, {'type': 'list_item', 'content': 'Potential manipulation or corruption of database data.'}, {'type': 'paragraph', 'content': "Overall, this can compromise the confidentiality, integrity, and availability of the system's data."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by testing the 'sid' parameter in HTTP GET requests to the update_out_standing.php component for SQL injection flaws."}, {'type': 'paragraph', 'content': 'One effective method is to use automated tools like sqlmap to test for SQL injection by sending crafted requests with injection payloads.'}, {'type': 'list_item', 'content': 'Use the following sqlmap command to detect the vulnerability (replace the URL and cookie as appropriate):'}, {'type': 'list_item', 'content': 'sqlmap -u "http://127.0.0.1:8089/update_out_standing.php?sid=PR362&table=stock_entries&return=view_out_standing.php" --batch -v 6 --risk=3 --cookie "PHPSESSID=YOUR_COOKIE_HERE"'}, {'type': 'paragraph', 'content': "Additionally, manual testing can be done by injecting payloads such as UNION-based, Boolean-based blind, or Time-based blind SQL injection strings into the 'sid' parameter and observing the responses."}] [1]
What immediate steps should I take to mitigate this vulnerability?
I don't know