CVE-2026-10248NVD

Description

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function create_supplier of the file /Export_csv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Severity Level

MEDIUM (4.7)

Published Date

01/06/2026

Last Modified

01/06/2026

Exploitation Status

????

References

https://vuldb.com/vuln/367526
https://vuldb.com/vuln/367526/cti
https://vuldb.com/cve/CVE-2026-10248
https://vuldb.com/submit/824029
https://github.com/timeflies123/cve/issues/6
https://www.sourcecodester.com/