CVE-2026-10243

code-projects Smart Parking System Admin Endpoint missing authentication

CVSS 6.9 MEDIUMEPSS 0.6%CWE-287 CWE-306

A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Affected products

code-projects · Smart Parking System

public PoCs found — 2

githubgithub.com/Xmyronn/CVE-2026-10243-AUTH★ 0 cve_referencegithub.com/Xmyronn/smart-parking-system-broken-access.gitunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://code-projects.org/https://github.com/Xmyronn/smart-parking-system-broken-access.git https://vuldb.com/cve/CVE-2026-10243 https://vuldb.com/submit/823871 https://vuldb.com/vuln/367521 https://vuldb.com/vuln/367521/cti