CVE-2026-10248

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

4.7 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function create_supplier of the file /Export_csv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Vulnerability Details

Published Date

June 01, 2026

Last Modified

June 01, 2026

CWE ID

CWE-74

Source

NVD

Vendor

SourceCodester

Product

Pharmacy Sales and Inventory System

External References

https://github.com/timeflies123/cve/issues/6
https://vuldb.com/cve/CVE-2026-10248
https://vuldb.com/submit/824029
https://vuldb.com/vuln/367526
https://vuldb.com/vuln/367526/cti
https://www.sourcecodester.com/

CVE-2026-10248

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment