CVE-2026-37149

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 25, 2026

Vendor unknown

Description

GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter in /grocery/search_products.php. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

References

https://github.com/anirudhkannanvp/GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN-
https://github.com/pateldhyeyit/CVE-2026-37149
https://owasp.org/www-community/attacks/SQL_Injection