What is GHSA-wq78-w3qj-qc93?

GHSA-wq78-w3qj-qc93 is a security advisory published by GitHub Security Advisories with Low severity. A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue...

Which CVE IDs does GHSA-wq78-w3qj-qc93 cover?

GHSA-wq78-w3qj-qc93 covers the following CVE IDs: CVE-2026-9444. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-wq78-w3qj-qc93?

GHSA-wq78-w3qj-qc93 has a CVSS v3 base score of 4.7, published by GitHub Security Advisories.

GHSA-wq78-w3qj-qc93LowCVSS 4.7

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-9444 →

📋 Description

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2026-9444
https://gist.github.com/c4ttr4ck/5d05aaee5b43f259ebe8bb8bce5c658f
https://vuldb.com/submit/813611
https://vuldb.com/vuln/365425
https://vuldb.com/vuln/365425/cti
https://www.sourcecodester.com
https://github.com/advisories/GHSA-wq78-w3qj-qc93