CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

PT-2025-24347 · Unknown · Sourcecodester Client Database Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Client Database Management System. This issue affects an unknown part of the file /user update customer...

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userordercustomerupdate.php via the orderid POST parameter...

CVE-2025-46193

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...

CVE-2025-46193

Summary: CVE-2025-46193 affects SourceCodester Client Database Management System 1.0 and enables remote code execution via an arbitrary file upload in the vulnerable file path user_proposal_update_order.php. The CVSS v3.1 score is 9.8 (CRITICAL) with network attack vector, no privileges required,...