A vulnerability was found in SourceCodester Storage Unit Rental Management System 1.0 . It has been declared as critical . Affected by this issue is some unknown functionality of the file /storage/admin/rents/manage_rent.php . Such manipulation leads to sql injection. This vulnerability is traded as CVE-2026-37590 . The attack may be launched remotely. There is no exploit available.