SQL Injection Vulnerability in CodeAstro Ingredients Stock Management System
CVE-2026-10235

5.3MEDIUM

Key Information:

Vendor: Codeastro
Status: Ingredients Stock Management System
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-10235?

A security flaw exists in the CodeAstro Ingredients Stock Management System version 1.0, specifically within the /Ingredients-Stock/stock_manager.php file. This vulnerability allows an attacker to manipulate the 'txt_search_category' parameter, resulting in SQL injection. This exploit can be initiated remotely, potentially leading to unauthorized access to the database. The exploit has been publicly disclosed and poses a significant threat to users of this product.

Affected Version(s)

Ingredients Stock Management System 1.0

References

https://vuldb.com/vuln/367514

vdb-entrytechnical-description

https://vuldb.com/vuln/367514/cti

signaturepermissions-required

https://vuldb.com/cve/CVE-2026-10235

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
May 31, 2026

Credit

Tomato0o (VulDB User)

CVE-2026-10235 Data

JSON