PT-2026-24935 · Sourcecodester · Web-Based Pharmacy Product Management System

Muhdfarhan

Published

2026-03-12

Updated

2026-03-13

CVE-2026-4013

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SourceCodester Web-based Pharmacy Product Management System version 1.0

Description A flaw exists in SourceCodester Web-based Pharmacy Product Management System 1.0 that results in improper authorization. This issue affects an unknown function within the add admin.php file and can be exploited remotely. The manipulation of this function leads to unauthorized access.

Recommendations Versions prior to 1.0 are recommended. As a temporary workaround, consider restricting access to the add admin.php file to minimize the risk of exploitation.

Fix

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2026-4013

Affected Products

Web-Based Pharmacy Product Management System

PT-2026-24935 · Sourcecodester · Web-Based Pharmacy Product Management System

CVE-2026-4013

Weakness Enumeration

Related Identifiers

Affected Products

References · 8