CVE-2026-10243

HIGH

code-projects Smart Parking System Admin Endpoint missing authentication

Title source: cna

Description

A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.

References (6)

Core 6

Core References

Vdb Entry vdb-entry

VDB-367521 | code-projects Smart Parking System Admin Endpoint missing authentication

https://vuldb.com/vuln/367521

Signature, Permissions Required signature permissions-required

VDB-367521 | CTI Indicators (IOB, IOC)

https://vuldb.com/vuln/367521/cti

Third Party Advisory third-party-advisory

CVE-2026-10243 | CVE Analysis and Report

https://vuldb.com/cve/CVE-2026-10243

Third Party Advisory third-party-advisory

Submit #823871 | code-projects Smart Parking System In PHP With Source Code 1.0 Improper Access Controls

https://vuldb.com/submit/823871

Exploit exploit

https://github.com/Xmyronn/smart-parking-system-broken-access.git

Product product

https://code-projects.org/

Scores

CVSS v3 7.3

EPSS 0.0051

EPSS Percentile 39.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-287 CWE-306

Status published

Products (1)

code-projects/Smart Parking System 1.0

Published Jun 01, 2026

Tracked Since Jun 01, 2026