Unrestricted File Upload Vulnerability in SourceCodester Online Book Store System
CVE-2026-15539

5.1MEDIUM

Key Information:

Vendor
CVE Published:
13 July 2026

What is CVE-2026-15539?

A security vulnerability exists within the Online Book Store System 1.0 by SourceCodester, specifically in the Book Image Upload feature located in the /admin/index.php?page=books file. This flaw allows malicious actors to perform unrestricted file uploads, potentially leading to remote code execution. As this vulnerability has been publicly disclosed, it poses a significant risk if left unaddressed, allowing attackers to exploit it remotely.

Affected Version(s)

Online Book Store System 1.0

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Hemant Raj Bhati (VulDB User)
.