top of page
perceptive_background_267k.jpg

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?…

Published:

31 May 2026 at 22:00:00

Alert date:

1 June 2026 at 16:08:13

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Identity & Access

A vulnerability has been identified in SourceCodester Water Billing Management System 1.0 affecting the User Management Endpoint. The issue involves improper authorization in the /classes/Users.php?f=save file processing. This vulnerability allows remote attacks and enables unauthorized access to user management functions. The exploit has been publicly disclosed and is available for use by attackers. The vulnerability appears to allow unauthenticated admin account creation, representing a critical security flaw in the application's access control mechanisms.

Technical details

Mitigation steps:

Affected products:

SourceCodester Water Billing Management System

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-10236
https://github.com/renzortega1337/Security-Research-/blob/main/Unauthenticated%20Admin%20Creation%20in%20PHP%20System.md
https://vuldb.com/cve/CVE-2026-10236
https://vuldb.com/submit/823134
https://vuldb.com/vuln/367515
https://vuldb.com/vuln/367515/cti
https://www.sourcecodester.com/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page