HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-8128 — A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affecte...

·Source: NIST NVD

Updated:

Executive Summary

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

Analysis

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. CVSS Score: 7.3. Published: 2026-05-08T03:16:25.553.

Indicators of Compromise (1)

CVE (1)
CVE-2026-8128
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on May 8, 2026. Verified by: NIST.

Related Threats

LOWVulnerability

Avada Builder WordPress plugin flaws allow site credential theft

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. [...]

BleepingComputer
MEDIUMVulnerability

Microsoft Edge to stop loading cleartext passwords in memory on startup

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. [...]

BleepingComputer
MEDIUMVulnerability

Microsoft backpedals: Edge to stop loading passwords into memory

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was "by design." [...]

BleepingComputer