CVE-2026-10248 | SourceCodester Pharmacy Sales and Inventory System up to 1.0 Supplier Creation Interface /Export_csv/export create_supplier Address/Company Name csv injection

A vulnerability marked as problematic has been reported in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function create_supplier of the file /Export_csv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection.

This vulnerability is registered as CVE-2026-10248. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More