Security Advisory

CVE-2026-9445

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-25 09:15:09
Last updated 2026-05-26 14:48:19
Assigner VulDB
State PUBLISHED

Description

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.