CVE-2026-4013 MEDIUM

CVE-2026-4013: SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization

Vendor Sourcecodester
Product Web-based Pharmacy Product Management System
Weakness CWE-285
Published March 12, 2026
Last update March 12, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

What the vulnerability does

Description

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely.

Key dates

Disclosure timeline

March 12, 2026 CVE published
March 12, 2026 Record updated