Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 05 Jul 2026 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |
| Title | SourceCodester Multi-Vendor Online Grocery Management System POST Parameter Master.php cancel_order sql injection | |
| First Time appeared |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:sourcecodester:multi-vendor_online_grocery_management_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-05T02:30:08.729Z
Reserved: 2026-07-04T04:59:04.405Z
Link: CVE-2026-14694
No data.
No data.
No data.
OpenCVE Enrichment
No data.