CVE-2026-7199: SQL Injection in Pharmacy Sales and Inventory System
The National Vulnerability Database (NVD) has detailed CVE-2026-7199, a high-severity SQL injection vulnerability affecting SourceCodester Pharmacy Sales and Inventory System version 1.0. The flaw resides in an unspecified function reached through the delete_product action of /ajax.php (`/ajax.php?action=delete_product`). Manipulating the ID argument of that request triggers the injection, and the attack can be launched remotely.
The vulnerability carries a CVSS v3.1 score of 7.3 (High), indicating significant risk. The NVD notes that an exploit for CVE-2026-7199 is publicly available, which drastically increases the urgency of remediation. No affected versions beyond the base 1.0 release are listed, so every deployment of this system should be treated as affected.
For defenders, this is a clear and present danger. SQL injection is a foundational attack vector, often leading to full data compromise or remote code execution. With a public exploit, unpatched instances are ripe for exploitation. Any organization running SourceCodester Pharmacy Sales and Inventory System 1.0 must assume it is a target and act accordingly.
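The defect class the advisory describes, shown beside the form a patch should take, as an added illustration in Python rather than the application's own PHP (this is not the project's code). The page does not show the vulnerable function, so the `products` table, its columns, and the assumption that product IDs are positive integers are constructed for the example; the point is that the hardened version rejects malformed input before the database sees it and binds the value as a parameter so it can only ever be data.

```python
import re
import sqlite3

# Constructed stand-in for the application's product table; the real schema of the
# SourceCodester application is not shown on the page, so these names are hypothetical.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO products (id, name) VALUES (?, ?)",
                     [(1, "aspirin"), (2, "ibuprofen"), (3, "saline")])
    conn.commit()
    return conn


def delete_product_unsafe(conn, raw_id):
    """The pattern behind CVE-2026-7199's defect class: the request parameter is spliced
    into the statement text, so the database parses whatever the client sent as SQL."""
    cur = conn.execute("DELETE FROM products WHERE id = " + raw_id)
    conn.commit()
    return cur.rowcount


# Assumption for the example: a product ID is a positive integer of at most ten digits.
PRODUCT_ID = re.compile(r"[1-9][0-9]{0,9}")


def delete_product_safe(conn, raw_id):
    """Hardened form: allowlist-validate the ID before touching the database, then bind
    it as a parameter. The statement text never contains client-supplied characters."""
    if not PRODUCT_ID.fullmatch(raw_id):
        raise ValueError(f"rejected product ID {raw_id!r}")
    cur = conn.execute("DELETE FROM products WHERE id = ?", (int(raw_id),))
    conn.commit()
    return cur.rowcount


def count_products(conn):
    return conn.execute("SELECT COUNT(*) FROM products").fetchone()[0]


def demo():
    """Exercise both versions with a well-formed ID and with text that is not an ID."""
    results = {}
    conn = make_db()
    results["safe_ok"] = delete_product_safe(conn, "2")       # one row deleted
    try:
        delete_product_safe(conn, "abc")
        results["safe_rejected"] = False
    except ValueError:
        results["safe_rejected"] = True                        # never reached the database
    results["remaining"] = count_products(conn)                # 2 rows left
    try:
        delete_product_unsafe(conn, "abc")
        results["unsafe_error"] = ""
    except sqlite3.OperationalError as exc:
        # "no such column: abc": the client's text was resolved as SQL, which is
        # exactly the behaviour an injection payload relies on.
        results["unsafe_error"] = str(exc)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The database error from the unsafe path is itself a useful signal: a 500 response on this action with a malformed ID in the access log is what the detection rule below is looking for.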
What This Means For You
- If your organization uses SourceCodester Pharmacy Sales and Inventory System 1.0, you must immediately audit your deployments for CVE-2026-7199. Given the public exploit, assume compromise and conduct a forensic review of logs for suspicious activity related to `/ajax.php?action=delete_product` and database access.
Related ATT&CK Techniques
- T1190 Exploit Public-Facing Application (Initial Access)
🛡️ Detection Rules
Detection rules auto-generated for this incident and mapped to MITRE ATT&CK (Sigma YAML):
```yaml
title: 'CVE-2026-7199: SQL Injection in Pharmacy System ajax.php delete_product action'
id: scw-2026-04-28-ai-1
status: experimental
level: high
description: |
    Detects attempts to exploit CVE-2026-7199 by targeting the delete_product action in ajax.php
    with a SQL injection payload in the ID parameter. This is a direct detection of the known exploit path.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
    - https://shimiscyberworld.com/posts/nvd-CVE-2026-7199/
tags:
    - attack.initial_access
    - attack.t1190
logsource:
    category: webserver
detection:
    selection:
        cs-uri-query|contains:
            - '/ajax.php?action=delete_product&ID='
        cs-method:
            - 'GET'
    condition: selection
falsepositives:
    - Legitimate administrative activity
```
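A worked log review of the kind the "What This Means For You" section recommends, implementing the Sigma selection above over web-server log lines and then separating requests whose ID is a plain integer (ordinary administrative deletes, the rule's listed false positive) from those whose ID is not. This is an added example, not part of the original page or of the rule: the W3C-style log lines, client addresses and request lines are constructed, and the example goes beyond the rule by adding the ID-shape triage step.

```python
from dataclasses import dataclass
from urllib.parse import parse_qs

# Constructed sample in IIS W3C extended format (cs-* fields as the Sigma rule names them);
# IPs are RFC 5737 documentation addresses and nothing here comes from a real deployment.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query sc-status c-ip
2026-04-28 03:20:11 GET /ajax.php action=delete_product&ID=17 200 198.51.100.7
2026-04-28 03:20:15 GET /ajax.php action=view_product&ID=17 200 198.51.100.7
2026-04-28 03:21:02 GET /ajax.php action=delete_product&ID=17%27 500 203.0.113.44
2026-04-28 03:21:09 POST /ajax.php - 200 203.0.113.44
2026-04-28 03:22:40 GET /index.php page=products 200 198.51.100.7
"""

# The selection from the Sigma rule, expressed as constants.
RULE_URI_FRAGMENT = "/ajax.php?action=delete_product&ID="
RULE_METHODS = {"GET"}


@dataclass
class Hit:
    ip: str
    method: str
    target: str
    product_id: str      # the decoded ID value as the application would see it
    status: str
    suspicious: bool     # True when the ID is not a plain integer


def parse_w3c(text):
    """Yield (method, stem, query, status, ip) from W3C log lines, skipping '#' directives."""
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        _date, _time, method, stem, query, status, ip = line.split(" ", 6)
        yield method, stem, query, status, ip


def sigma_selection(method, stem, query):
    """The rule's selection. IIS logs the path in cs-uri-stem and the query string
    separately, while the rule's string carries the path, so the two are joined first."""
    target = stem if query == "-" else f"{stem}?{query}"
    return method in RULE_METHODS and RULE_URI_FRAGMENT in target


def scan(text):
    """Apply the rule to every line and triage each hit by the shape of its ID value."""
    hits = []
    for method, stem, query, status, ip in parse_w3c(text):
        if not sigma_selection(method, stem, query):
            continue
        product_id = parse_qs(query).get("ID", [""])[0]   # parse_qs percent-decodes
        # A missing or non-numeric ID is anomalous for this action and goes to the front
        # of the review queue; a bare integer is what a legitimate admin delete looks like.
        hits.append(Hit(ip, method, f"{stem}?{query}", product_id, status,
                        suspicious=not product_id.isdigit()))
    return hits


def suspicious_sources(hits):
    """Client addresses that sent a non-numeric ID to the delete_product action."""
    return sorted({h.ip for h in hits if h.suspicious})


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        flag = "SUSPICIOUS" if h.suspicious else "matches rule"
        print(f"{h.ip:15} {h.method} {h.target} -> {h.status} [{flag}]")
    print("review first:", suspicious_sources(scan(SAMPLE_LOG)))
```

The rule as written matches only GET. A POST to the same action leaves no ID in a standard access log, so if your deployment's client submits deletes by POST, the method list needs extending and the ID value has to be recovered from application or WAF logs rather than from the request line.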
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7199 | SQLi | SourceCodester Pharmacy Sales and Inventory System 1.0 |
| CVE-2026-7199 | SQLi | /ajax.php?action=delete_product |
| CVE-2026-7199 | SQLi | argument ID |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 03:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.