← volver
CVE-2026-10243

code-projects Smart Parking System Admin Endpoint missing authentication

CVSS 6.9 MEDIUMEPSS 0.6%CWE-287CWE-306
A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
code-projects · Smart Parking System
PoCs públicas encontradas2
githubgithub.com/Xmyronn/CVE-2026-10243-AUTH0cve_referencegithub.com/Xmyronn/smart-parking-system-broken-access.gitno verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://code-projects.org/https://github.com/Xmyronn/smart-parking-system-broken-access.githttps://vuldb.com/cve/CVE-2026-10243https://vuldb.com/submit/823871https://vuldb.com/vuln/367521https://vuldb.com/vuln/367521/cti