Description
A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 13 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used. | |
| Title | SourceCodester Online Book Store System Administrative index.php php file inclusion | |
| First Time appeared |
Sourcecodester
Sourcecodester online Book Store System |
|
| Weaknesses | CWE-73 CWE-98 |
|
| CPEs | cpe:2.3:a:sourcecodester:online_book_store_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester online Book Store System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-13T06:30:08.672Z
Reserved: 2026-07-12T18:07:43.505Z
Link: CVE-2026-15540
No data.
No data.
No data.
OpenCVE Enrichment
No data.