Description
A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Problem types
Product status
Timeline
| 2026-07-12: | Advisory disclosed |
| 2026-07-12: | VulDB entry created |
| 2026-07-12: | VulDB entry last update |
Credits
Hemant Raj Bhati (VulDB User)
References
vuldb.com/vuln/377889 (VDB-377889 | SourceCodester Online Book Store System Book Image Upload Feature index.php books unrestricted upload)
vuldb.com/vuln/377889/cti (VDB-377889 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15539 (CVE-2026-15539 | CVE Analysis and Report)
vuldb.com/submit/855046 (Submit #855046 | SourceCodester Online Book Store System 1.0 Remote Code Execution)
medium.com/...-rce-via-unrestricted-file-upload-5a4a313ea1f1
www.sourcecodester.com/