CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been made available to the public and could be used for attacks.

CVSS v3 3.1 LOW
CVSS v2.0 2.1 LOW

3.1^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:S/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/hiranerakkot/Web-based-Pharmacy-Product-Management-System/blob/main/README.md	Exploit Third Party Advisory
https://vuldb.com/?ctiid.348296	VDB Entry
https://vuldb.com/?id.348296	Third Party Advisory VDB Entry
https://vuldb.com/?submit.762795	Third Party Advisory VDB Entry
https://www.sourcecodester.com/	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:senior-walter:web-based_pharmacy_product_management_system:1.0:*:*:*:*:*:*:*

History

03 Mar 2026, 19:47

Type	Values Removed	Values Added
References	~~() https://github.com/hiranerakkot/Web-based-Pharmacy-Product-Management-System/blob/main/README.md -~~	() https://github.com/hiranerakkot/Web-based-Pharmacy-Product-Management-System/blob/main/README.md - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?ctiid.348296 -~~	() https://vuldb.com/?ctiid.348296 - VDB Entry
References	~~() https://vuldb.com/?id.348296 -~~	() https://vuldb.com/?id.348296 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.762795 -~~	() https://vuldb.com/?submit.762795 - Third Party Advisory, VDB Entry
References	~~() https://www.sourcecodester.com/ -~~	() https://www.sourcecodester.com/ - Product
CPE		cpe:2.3:a:senior-walter:web-based_pharmacy_product_management_system:1.0:::::::*
First Time		Senior-walter Senior-walter web-based Pharmacy Product Management System

02 Mar 2026, 20:30

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una debilidad en SourceCodester Web-based Pharmacy Product Management System 1.0, la cual afecta a una parte desconocida. Si se manipula se provoca que la sesión expire. Es posible explotar el ataque en remoto. El ataque es de complejidad bastante alta y difícil de explotar. El exploit se ha puesto a disposición del público y podría utilizarse para ataques.

02 Mar 2026, 01:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-02 01:16

Updated : 2026-03-03 19:47

NVD link : CVE-2026-3401

Mitre link : CVE-2026-3401

CVE.ORG link : CVE-2026-3401

JSON object : View

Products Affected

senior-walter

web-based_pharmacy_product_management_system

CWE

CWE-613

Insufficient Session Expiration

3.1 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2026-3401

3.1^/10

2.1^/10

Attach tags to `CVE-2026-3401`