A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Metrics
Affected Vendors & Products
References
History
Sun, 05 Jul 2026 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |
| Title | SourceCodester Multi-Vendor Online Grocery Management System POST Parameter Master.php cancel_order sql injection | |
| First Time appeared |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:sourcecodester:multi-vendor_online_grocery_management_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-05T02:30:08.729Z
Reserved: 2026-07-04T04:59:04.405Z
Link: CVE-2026-14694
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-05T05:15:02Z