SourceCodester Employee Management System Default Credentials Vulnerability

Vulnerability

A critical vulnerability exists in SourceCodester Employee Management System version 1.0, in the login functionality of index.php. The application uses default credentials, which allows remote authentication bypass. Exploitation consists of submitting those credentials in the username and password fields to gain unauthorized access.

Impact

Successful exploitation allows users to log in with default credentials, bypassing authentication.

Reproduction

To reproduce this vulnerability, navigate to the login page of the Employee Management System. Enter 'admin' as the username and 'admin123' as the password. Submit the login form to gain access to the system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.