CVE-2026-15537
Severity CVSS v4.0:
MEDIUM
Type:
CWE-74
Injection
Publication date:
13/07/2026
Last modified:
13/07/2026
Description
A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
Impact
Base Score 4.0
5.50
Severity 4.0
MEDIUM
Base Score 3.x
7.30
Severity 3.x
HIGH
Base Score 2.0
7.50
Severity 2.0
HIGH



