CVE Catalog

CVE-2026-11515

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability has been found in the Barangay Resident Profiling and Information Management System, affecting an unknown function in the password_reset.php file. Manipulating the new_password argument with the input 'password123' leads to the use of a hard-coded password.

Risk Assessment

An attacker may remotely exploit this vulnerability, posing a serious threat to the security of user data within the system.

Recommendation

It is recommended to update the system to the latest version and implement additional security measures in the password reset process.

Original NVD description (English source)

A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword_reset.php of the component Password Reset Handler. Such manipulation of the argument new_password with the input password123 leads to use of hard-coded password. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS