SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.

Basic Information

ID CVE-2026-10693

Source VulDB

Published Jun 3, 2026 at 00:00

Affected Product

Vendor SourceCodester

Product Online Boat Reservation System

Version 1.0

Affected Versions SourceCodester Online Boat Reservation System 1.0

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.",
    "published": "2026-06-03T00:00:12.858Z",
    "modified": "2026-06-03T00:00:12.858Z",
    "type": "cve",
    "title": "SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367962\nhttps://vuldb.com/vuln/367962/cti\nhttps://vuldb.com/cve/CVE-2026-10693\nhttps://vuldb.com/submit/830894\nhttps://medium.com/@hemantrajbhati5555/broken-access-control-in-sourcecodester-online-boat-reservation-system-1-0-4ed0380d2222\nhttps://www.sourcecodester.com/",
    "id": "CVE-2026-10693",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Online Boat Reservation System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Boat Reservation System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization_CVE-2026-10693