CVE-2026-3401

CWE-613 — Insufficient Session Expiration3 documents3 sources

Severity

2.3LOW

EPSS

0.1%

top 75.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Web-based Pharmacy Product Management System Senior-walter Web-based Pharmacy Product Management System

Timeline

PublishedMar 2

Description

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/web-based_pharmacy_product_management_system1.0

▶NVDsenior-walter/web-based_pharmacy_product_management_system1.0

🔴Vulnerability Details

GHSA

GHSA-jp9r-hwvp-x6c8: A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1↗2026-03-02

▶

CVEList

SourceCodester Web-based Pharmacy Product Management System session expiration↗2026-03-02

▶