Simple Client Management System Project: >> Simple Client Management System Security Vulnerabilities
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-12
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-12
A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request.
CVSS Score
9.8
EPSS Score
0.127
Published
2022-03-31
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-03-31
An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-03-31
Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.03
Published
2022-03-21
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.03
Published
2022-03-21
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-02-01
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php.
CVSS Score
9.8
EPSS Score
0.678
Published
2022-02-01
Page 2