Web-based pharmacy product management system

This hub aggregates every CVE we track for Web-based pharmacy product management system, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Web-based pharmacy product management system.

• CVE-2026-7746SourceCodester Web-based Pharmacy Product Management System edit-admin.php sql injection6.3May 4, 2026
• CVE-2026-30573A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtpri...7.5Apr 1, 2026
• CVE-2026-30575A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry...7.5Mar 27, 2026
• CVE-2026-30574A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) ex...7.5Mar 27, 2026
• CVE-2026-30576A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" paramet...7.5Mar 27, 2026
• CVE-2026-4013SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization6.3Mar 12, 2026
• CVE-2026-3766SourceCodester Web-based Pharmacy Product Management System edit-profile.php cross site scripting3.5Mar 8, 2026
• CVE-2026-3401SourceCodester Web-based Pharmacy Product Management System session expiration3.1Mar 2, 2026
• CVE-2025-65215Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /product_expiry/add-supplier.php via the Supplier Name field.6.1Dec 2, 2025
• CVE-2025-63712Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Management module (delete-user.php) allows remote attackers to delete arbitrary user accounts via forg...8.8Nov 10, 2025
• CVE-2025-56018SourceCodester Web-based Pharmacy Product Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in Category Management via the category name field.6.1Sep 30, 2025
• CVE-2025-56274SourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, which allows low-privileged users to forge high privileged (such as admin) sessions and pe...8.1Sep 15, 2025
• CVE-2025-45997Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a PHP file disguised as an image by modifying the Content-Type header to im...8.6May 28, 2025
• CVE-2025-4547SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting2.4May 11, 2025
• CVE-2025-45751SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add-admin.php via the Fullname text field.6.1May 5, 2025