A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Metrics
Affected Vendors & Products
References
History
Sun, 05 Jul 2026 02:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |
| Title | SourceCodester Multi-Vendor Online Grocery Management System Setting SystemSettings.php update_settings_info code injection | |
| First Time appeared |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| Weaknesses | CWE-74 CWE-94 |
|
| CPEs | cpe:2.3:a:sourcecodester:multi-vendor_online_grocery_management_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester multi-vendor Online Grocery Management System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-05T01:45:09.015Z
Updated: 2026-07-05T01:45:09.015Z
Reserved: 2026-07-04T04:58:54.895Z
Link: CVE-2026-14691
No data.
No data.
No data.