CVE-2026-9447
HIGH NVDCVSS Score
7.3
Severity
HIGH
Source
NVD
Published
May 25, 2026
Description
A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.