CVE-2026-9445 | SourceCodester Simple POS and Inventory System 1.0 File Extension /admin/addproduct.php image unrestricted upload

A vulnerability marked as critical has been reported in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload.

This vulnerability is registered as CVE-2026-9445. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More