Back to CVE List

CVE-2026-15540

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
4.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Description

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-73
Source
NVD
Vendor
SourceCodester
Product
Online Book Store System

External References

Discussion (0)

Add Comment

No comments yet. Be the first!