CVE-2026-14692

Severity CVSS v4.0:
LOW
Type:
CWE-74 Injection
Publication date:
05/07/2026
Last modified:
06/07/2026

Description

A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function save_shop_type of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.