CVE-2026-14725
MEDIUM
6.3
CVSS 3.1
Description
A vulnerability was identified in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality. Such manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Metadata
Severity & Metrics
6.3
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SourceCodester | Online Boat Reservation System | — | 1.0 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-613 | cna | Session Expiration |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 6.5 | N/D | 2.0 | cna | AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR |
| 6.3 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R |
| 6.3 | MEDIUM | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R |
| 5.3 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
References (6)
- VDB-376311 | SourceCodester Online Boat Reservation System session expiration https://vuldb.com/vuln/376311
- VDB-376311 | CTI Indicators (IOB, IOC) https://vuldb.com/vuln/376311/cti
- CVE-2026-14725 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-14725
- Submit #847674 | SourceCodester Online Boat Reservation System 1.0 Improper Session Invalidation https://vuldb.com/submit/847674
- https://medium.com/@hemantrajbhati5555/improper-session-invalidation-in-online-boat-reservation-system-using-php-acebd53a8ae7
- https://www.sourcecodester.com/