Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 05 Jul 2026 02:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |
| Title | SourceCodester Multi-Vendor Online Grocery Management System Setting SystemSettings.php update_settings_info code injection | |
| First Time appeared |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| Weaknesses | CWE-74 CWE-94 |
|
| CPEs | cpe:2.3:a:sourcecodester:multi-vendor_online_grocery_management_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-05T01:45:09.015Z
Reserved: 2026-07-04T04:58:54.895Z
Link: CVE-2026-14691
No data.
No data.
No data.
OpenCVE Enrichment
No data.