CVE-2026-14692
MEDIUM
NVD
CVSS Score
6.3
Severity
MEDIUM
Published
Jul 05, 2026
Vendor
unknown
Description
A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function save_shop_type of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.