Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Pharmacy System allows unauthorized access to admin
CVE-2026-4013
Summary
A vulnerability in SourceCodester Web-based Pharmacy Product Management System 1.0 allows an attacker to gain unauthorized access to admin features. This means that an outsider could potentially take control of the system, which is a serious security risk. Update the system to the latest version to fix this issue.
Original title
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper au...
Original description
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026