A vulnerability described as critical has been identified in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection.
This vulnerability is identified as CVE-2026-15537. The attack can be executed remotely. Additionally, an exploit exists.