CVE-2026-14695 | SourceCodester Multi-Vendor Online Grocery Management System 1.0 Registration classes/Users.php save_client Name sql injection (EUVD-2026-41718)
A vulnerability described as critical has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection.
This vulnerability is known as CVE-2026-14695. It is possible to launch the attack remotely. Furthermore, an exploit is available.