code-projects Online Product Reservation System Administration Backend improper authentication

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be used.

Basic Information

ID CVE-2026-0589

Source VulDB

Published Jan 5, 2026 at 12:02

Affected Product

Vendor code-projects

Product Online Product Reservation System

Version 1.0

Affected Versions code-projects Online Product Reservation System 1.0

CWE Classification

CWE-287

References

{
    "lastseen": "",
    "description": "A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be used.",
    "published": "2026-01-05T12:02:06.235Z",
    "modified": "2026-01-05T12:02:06.235Z",
    "type": "cve",
    "title": "code-projects Online Product Reservation System Administration Backend improper authentication",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.339499\nhttps://vuldb.com/?ctiid.339499\nhttps://vuldb.com/?submit.731127\nhttps://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/auth_bypass_admin_panel.md\nhttps://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/auth_bypass_admin_panel.md#poc\nhttps://code-projects.org/",
    "id": "CVE-2026-0589",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "code-projects Online Product Reservation System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Product Reservation System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

code-projects Online Product Reservation System Administration Backend improper authentication_CVE-2026-0589