SQL Injection Vulnerability in SourceCodester Online Book Store System by SourceCodester
CVE-2026-15537

6.9MEDIUM

Key Information:

Vendor
CVE Published:
13 July 2026

What is CVE-2026-15537?

A security flaw has been identified in the SourceCodester Online Book Store System 1.0, specifically affecting the admin/login.php file. An attacker can manipulate the Username parameter to execute SQL injection attacks remotely. The exploit has been publicly disclosed, making it crucial for users of this system to apply necessary security measures to mitigate potential risks.

Affected Version(s)

Online Book Store System 1.0

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Gaurav kumar (VulDB User)
.