Improper Authorization Vulnerability in SourceCodester Ship Ferry Ticket Reservation System
CVE-2026-10876

5.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Ship Ferry Ticket Reservation System
Vendor
CVE Published:
4 June 2026

What is CVE-2026-10876?

A vulnerability has been discovered in the SourceCodester Ship Ferry Ticket Reservation System version 1.0. This flaw exists within an unspecified function of the '/admin/' directory, where improper authorization controls can be exploited. Attackers can manipulate the 'page' parameter, leading to unauthorized access and potential remote exploitation. Publicly available exploits for this vulnerability increase the urgency for affected users to evaluate their security measures and apply necessary mitigations.

Affected Version(s)

Ship Ferry Ticket Reservation System 1.0

References

https://vuldb.com/vuln/368366
vdb-entrytechnical-description
https://vuldb.com/vuln/368366/cti
signaturepermissions-required
https://vuldb.com/cve/CVE-2026-10876
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Hemant Raj Bhati (VulDB User)
.