CVE-2026-3764

A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadminuserupdate.php. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has been publicly disclosed...

CVE-2025-14885

A flaw has been found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userleads.php of the component Leads Generation Module. Executing manipulation can lead to unrestricted upload. The attack can be launched remotely. The exploit has been...

EUVD-2025-14183

Malicious code in bioql PyPI...

EUVD-2025-15671

Malicious code in bioql PyPI...

EUVD-2025-14182

Malicious code in bioql PyPI...

EUVD-2025-14173

Malicious code in bioql PyPI...

EUVD-2025-15986

Malicious code in bioql PyPI...

CVE-2025-6160 SourceCodester Client Database Management System user_customer_create_order.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /usercustomercreateorder.php. The manipulation of the argument userid leads to sql injection. The attack may be initiat...

CVE-2025-6160

CVE-2025-6160 affects SourceCodester Client Database Management System 1.0. Affects the file /user_customer_create_order.php where manipulation of the user_id parameter enables a SQL injection. The issue can be exploited remotely and, per sources, the exploit has been disclosed publicly. Public m...

PT-2025-25618

Name of the Vulnerable Software and Affected Versions SourceCodester Client Database Management System version 1.0 Description A critical issue has been found in the software, affecting the processing of the file /user customer create order.php. The manipulation of the user id argument leads to S...

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVE-2025-5840

SourceCodester Client Database Management System 1.0 contains a vulnerability in the file /user_update_customer_order.php where the uploaded_file parameter can be manipulated to achieve unrestricted file upload. This remote-access flaw could allow an attacker to upload arbitrary files, potentiall...

CVE-2025-5299

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

CVE-2025-5299

CVE-2025-5299 affects SourceCodester Client Database Management System v1.0. The vulnerability is in the file /user_order_customer_update.php, where manipulating the argument uploaded_file_cancelled enables unrestricted file upload. Exploitation is possible remotely and exploits have been disclos...

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

CVE-2025-5207

CVE-2025-5207 affects SourceCodester Client Database Management System 1.0. The vulnerability is an SQL injection in the file /superadmin_update_profile.php triggered by manipulating the nickname/email parameters, potentially exploitable remotely. Multiple connected sources corroborate the issue’...