Description
A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
Problem types
Product status
Timeline
| 2026-07-12: | Advisory disclosed |
| 2026-07-12: | VulDB entry created |
| 2026-07-12: | VulDB entry last update |
Credits
Gaurav kumar (VulDB User)
References
vuldb.com/vuln/377887 (VDB-377887 | SourceCodester Online Book Store System login.php sql injection)
vuldb.com/vuln/377887/cti (VDB-377887 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15537 (CVE-2026-15537 | CVE Analysis and Report)
vuldb.com/submit/855010 (Submit #855010 | SourceCodester Online Book Store System 1.0 SQL Injection)
medium.com/...-leading-to-authentication-bypass-43b773da1967
www.sourcecodester.com/