CVE-2026-11519
Received Received - Intake
Improper Authorization in SourceCodester Inventory System 1.0

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: VulDB

Description
A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /Product_Inventory/api/users_handler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-08
AI Q&A
2026-06-08
EPSS Evaluated
N/A
NVD
CVE-2026-11519
EUVD
EUVD-2026-35069
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sourcecodester inventory_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-285 The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the SourceCodester Inventory System 1.0, specifically in the Account Creation Handler component located in the file /Product_Inventory/api/users_handler.php. It involves improper authorization caused by manipulation of the ROLE argument. An attacker can exploit this flaw remotely to bypass authorization controls.

Impact Analysis

The vulnerability allows an attacker to manipulate the ROLE argument to gain unauthorized access or privileges within the system. This can lead to unauthorized actions being performed, potentially compromising the integrity, confidentiality, or availability of the inventory system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11519. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart