A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Metrics
Affected Vendors & Products
References
History
Mon, 13 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/require statement in php program. It is possible to initiate the attack remotely. The exploit is now public and may be used. | |
| Title | SourceCodester Online Book Store System Administrative index.php php file inclusion | |
| First Time appeared |
Sourcecodester
Sourcecodester online Book Store System |
|
| Weaknesses | CWE-73 CWE-98 |
|
| CPEs | cpe:2.3:a:sourcecodester:online_book_store_system:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Sourcecodester
Sourcecodester online Book Store System |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-13T06:30:08.672Z
Updated: 2026-07-13T06:30:08.672Z
Reserved: 2026-07-12T18:07:43.505Z
Link: CVE-2026-15540
No data.
No data.
No data.