CVE-2026-11515
Deferred Deferred - Pending Action

Hard-Coded Password in Barangay Resident Profiling System

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: VulDB

Description
A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password with the input password123 leads to use of hard-coded password. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-29
AI Q&A
2026-06-08
EPSS Evaluated
2026-06-27
NVD
CVE-2026-11515
EUVD
EUVD-2026-35057

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
sourcecodester barangay_resident_profiling_and_information_management_system 1.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-255
CWE-259 The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the SourceCodester Barangay Resident Profiling and Information Management System 1.0, specifically in an unknown function within the file password_reset.php, which handles password resets.

The issue arises when the argument new_password is manipulated with the input 'password123', causing the system to use a hard-coded password.

This vulnerability can be exploited remotely, and the exploit has been publicly disclosed.

Impact Analysis

Exploitation of this vulnerability allows an attacker to remotely set or use a hard-coded password, potentially bypassing normal authentication mechanisms.

This can lead to unauthorized access to the system, compromising the confidentiality and integrity of the data managed by the Barangay Resident Profiling and Information Management System.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11515. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart