CVE-2026-14725
MEDIUMSourceCodester Online Boat Reservation System session expiration
Title source: cnaDescription
A vulnerability was identified in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality. Such manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
References (6)
Core 6
Core References
Vdb Entry vdb-entry
VDB-376311 | SourceCodester Online Boat Reservation System session expiration
https://vuldb.com/vuln/376311
Signature, Permissions Required signature
permissions-required
VDB-376311 | CTI Indicators (IOB, IOC)
https://vuldb.com/vuln/376311/cti
Third Party Advisory third-party-advisory
CVE-2026-14725 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14725
Third Party Advisory third-party-advisory
Submit #847674 | SourceCodester Online Boat Reservation System 1.0 Improper Session Invalidation
https://vuldb.com/submit/847674
Exploit broken-link
exploit
https://medium.com/@hemantrajbhati5555/improper-session-invalidation-in-online-boat-reservation-system-using-php-acebd53a8ae7
Product product
https://www.sourcecodester.com/
Scores
CVSS v3
6.3
EPSS
0.0021
EPSS Percentile
11.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-613
Status
published
Products (1)
SourceCodester/Online Boat Reservation System
1.0
Published
Jul 05, 2026
Tracked Since
Jul 05, 2026