Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for Smart Parking System by code-projects

CVE-2026-10243 (GCVE-0-2026-10243)

Vulnerability from cvelistv5

Published

2026-06-01 09:00

Modified

2026-06-01 15:23

Severity ?

5.5 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RC:R
7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RC:R

CWE

CWE-306 - Missing Authentication
CWE-287 - Improper Authentication

Summary

A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.

References

URL

Tags

	https://vuldb.com/vuln/367521	vdb-entry
	https://vuldb.com/vuln/367521/cti	signature, permissions-required
	https://vuldb.com/cve/CVE-2026-10243	third-party-advisory
	https://vuldb.com/submit/823871	third-party-advisory
	https://github.com/Xmyronn/smart-parking-system-broken-access.git	exploit
	https://code-projects.org/	product

Impacted products

	Vendor	Product	Version
	code-projects	Smart Parking System	Version: 1.0 cpe:2.3:a:code-projects:smart_parking_system::::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-10243",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-01T15:00:26.860506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-01T15:23:18.984Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:code-projects:smart_parking_system:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "Admin Endpoint"
          ],
          "product": "Smart Parking System",
          "vendor": "code-projects",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "imad alvi (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "Missing Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-01T09:00:13.192Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-367521 | code-projects Smart Parking System Admin Endpoint missing authentication",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/vuln/367521"
        },
        {
          "name": "VDB-367521 | CTI Indicators (IOB, IOC)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/367521/cti"
        },
        {
          "name": "CVE-2026-10243 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-10243"
        },
        {
          "name": "Submit #823871 | code-projects Smart Parking System In PHP With Source Code 1.0 Improper Access Controls",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/823871"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Xmyronn/smart-parking-system-broken-access.git"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://code-projects.org/"
        }
      ],
      "tags": [
        "x_freeware"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-31T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-05-31T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-05-31T12:17:08.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "code-projects Smart Parking System Admin Endpoint missing authentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-10243",
    "datePublished": "2026-06-01T09:00:13.192Z",
    "dateReserved": "2026-05-31T10:12:00.665Z",
    "dateUpdated": "2026-06-01T15:23:18.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}