A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
History

Mon, 13 Jul 2026 06:30:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Title SourceCodester Online Book Store System Book Image Upload Feature index.php books unrestricted upload
First Time appeared Sourcecodester
Sourcecodester online Book Store System
Weaknesses CWE-284
CWE-434
CPEs cpe:2.3:a:sourcecodester:online_book_store_system:*:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester online Book Store System
References
Metrics cvssV2_0

{'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-07-13T06:15:07.726Z

Updated: 2026-07-13T06:15:07.726Z

Reserved: 2026-07-12T18:04:47.797Z

Link: CVE-2026-15539

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.