CVE-2026-8083: SQL Injection in SourceCodester Pharmacy System

The National Vulnerability Database has disclosed CVE-2026-8083, a high-severity SQL injection vulnerability impacting SourceCodester Pharmacy Sales and Inventory System version 1.0. The flaw, located in ajax.php (the save_user action, reached via ajax.php?action=save_user), allows for remote code execution through the manipulation of the ID argument. This is a classic SQLi attack vector, indicating a lack of proper input sanitization.

With a CVSSv3.1 score of 7.3 (High), this vulnerability is critical. The attack complexity is low (AC:L) and no privileges are required (PR:N), nor is user interaction necessary (UI:N). This means an unauthenticated attacker can exploit it remotely with minimal effort. The National Vulnerability Database confirms that a public exploit exists, making this an immediate threat for any organization running this specific application.

Organizations using SourceCodester Pharmacy Sales and Inventory System 1.0 are directly exposed. The impact includes potential compromise of confidentiality, integrity, and availability (C:L/I:L/A:L) of the system and its data. Given the nature of a pharmacy system, this could expose sensitive patient records, inventory data, and financial information, leading to severe compliance and operational repercussions.

What This Means For You

  • If your organization uses SourceCodester Pharmacy Sales and Inventory System 1.0, you are vulnerable to CVE-2026-8083. Immediately identify all instances of this software in your environment. Prioritize patching or isolating these systems from the internet. Audit logs for any suspicious activity related to `ajax.php?action=save_user` manipulation.

Related ATT&CK Techniques: T1190 (Initial Access)

🛡️ Detection Rules

Severity: high · ATT&CK: T1190 Initial Access

Sigma YAML:
title: CVE-2026-8083: SQL Injection in SourceCodester Pharmacy System /ajax.php
id: scw-2026-05-07-ai-1
status: experimental
level: high
description: |
  Detects exploitation attempts against SourceCodester Pharmacy Sales and Inventory System 1.0 by looking for requests to /ajax.php with the action=save_user parameter and a common SQL injection pattern ('1=1') within the ID parameter. This is the primary detection for the initial exploitation of CVE-2026-8083.
author: SCW Feed Engine (AI-generated)
date: 2026-05-07
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-8083/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    # The path lives in the URI stem; every parameter lives in the query string.
    cs-uri-stem|endswith: '/ajax.php'
    # A single key with the |all modifier replaces the duplicated
    # cs-uri-query|contains keys, which are invalid YAML (the second silently
    # overrides the first in most parsers) and would have dropped the 'ID=' test.
    cs-uri-query|contains|all:
      - 'action=save_user'
      - 'ID='
      - '1=1'
  condition: selection
falsepositives:
  - Legitimate administrative activity
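
As an added example (not code from the advisory, the feed, or the vendor), the same detection logic as the Sigma rule above, applied in Python to constructed W3C-style access log lines. The log format, field order and sample entries are assumptions; the query string is URL-decoded and lower-cased before matching so that encoded or mixed-case forms of the same request are also caught, which a plain substring match would miss.

```python
import re
from urllib.parse import unquote_plus

# Constructed W3C-style access log lines (sample data, not real traffic).
# Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2026-05-08 01:02:03 203.0.113.5 POST /pharmacy/ajax.php action=save_user 200
2026-05-08 01:02:09 203.0.113.5 POST /pharmacy/ajax.php action=save_user&ID=1'+OR+1=1-- 200
2026-05-08 01:02:15 198.51.100.7 GET /pharmacy/ajax.php action=save_user&ID=7%27%20OR%201%3D1%23 500
2026-05-08 01:03:00 198.51.100.9 GET /pharmacy/index.php page=home&ID=1=1 200
"""

W3C_LINE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+) (?P<ip>\S+) (?P<method>\S+) "
    r"(?P<stem>\S+) (?P<query>\S+) (?P<status>\d+)$"
)

def parse_line(line):
    """Split one W3C-style line into its fields; None for unparseable lines."""
    m = W3C_LINE.match(line.strip())
    return m.groupdict() if m else None

def matches_cve_2026_8083(entry):
    """Mirror the Sigma rule: a request to /ajax.php whose query string
    carries action=save_user, an ID parameter and the tautology 1=1.
    Decoding first means %3D, '+' and case changes do not evade the check."""
    stem = entry["stem"].lower()
    query = unquote_plus(entry["query"]).lower()
    return (
        stem.endswith("/ajax.php")
        and "action=save_user" in query
        and re.search(r"(?:^|&)id=", query) is not None
        and re.search(r"\b1\s*=\s*1\b", query) is not None
    )

def scan_log(text):
    """Return (c-ip, decoded query) for every line matching the rule."""
    hits = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry and matches_cve_2026_8083(entry):
            hits.append((entry["ip"], unquote_plus(entry["query"])))
    return hits

if __name__ == "__main__":
    for ip, query in scan_log(SAMPLE_LOG):
        print(f"possible CVE-2026-8083 attempt from {ip}: {query}")
```

Access logs carry only the query string, so an ID value submitted in a POST body is invisible to both the Sigma rule and this check; covering that case needs a WAF or application-level log.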

Indicators of Compromise

ID              Type   Indicator
CVE-2026-8083   SQLi   SourceCodester Pharmacy Sales and Inventory System 1.0
CVE-2026-8083   SQLi   Vulnerable file: /ajax.php?action=save_user
CVE-2026-8083   SQLi   Vulnerable parameter: ID

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 07, 2026 at 22:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
