CVE-2026-11515
Deferred Deferred - Pending Action
Hard-Coded Password in Barangay Resident Profiling System

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: VulDB

Description
A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password with the input password123 leads to use of hard-coded password. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-08
AI Q&A
2026-06-08
EPSS Evaluated
N/A
NVD
CVE-2026-11515
EUVD
EUVD-2026-35057
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sourcecodester barangay_resident_profiling_and_information_management_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-259 The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
CWE-255
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the SourceCodester Barangay Resident Profiling and Information Management System 1.0, specifically in an unknown function within the file password_reset.php, which handles password resets.

The issue arises when the argument new_password is manipulated with the input 'password123', causing the system to use a hard-coded password.

This vulnerability can be exploited remotely, and the exploit has been publicly disclosed.

Impact Analysis

Exploitation of this vulnerability allows an attacker to remotely set or use a hard-coded password, potentially bypassing normal authentication mechanisms.

This can lead to unauthorized access to the system, compromising the confidentiality and integrity of the data managed by the Barangay Resident Profiling and Information Management System.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11515. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart