SourceCodester Water Billing Management System Improper Authorization Vulnerability in User Management Endpoint

Vulnerability

An improper authorization vulnerability has been identified in SourceCodester Water Billing Management System version 1.0. The issue arises in the User Management Endpoint, specifically within the file '/classes/Users.php?f=save'. This vulnerability allows for unauthorized actions to be performed, and can be exploited remotely.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access, allowing an attacker to create admin accounts on the affected system.

Added: Jun 1, 2026, 9:47 AM

Updated: Jun 1, 2026, 9:47 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

9.1

remediation

0.0

relevance

9.7

threat

6.4

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

9.1

remediation

0.0

relevance

9.7

threat

6.4

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SourceCodester Water Billing Management System Improper Authorization Vulnerability in User Management Endpoint

Vulnerability

Impact

Affected Products

SourceCodester Water Billing Management System

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating