Client Database Management System Security Vulnerabilities and Issues — Client Database Management System CVE List

Lucene search

LerouxyxchireClient Database Management System

9 matches found

CVE•added 2025/05/09 5:15 p.m.•54 views

CVE-2025-46192

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter.

9.8CVSS8.3AI score0.00046EPSS

CVE•added 2025/05/09 5:15 p.m.•53 views

CVE-2025-46191

Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploaded_file_cancelled field. Due to the absence of proper file extension checks, MIME type validation, and authentication, attack...

9.8CVSS8.7AI score0.00176EPSS

CVE•added 2025/05/09 4:15 p.m.•48 views

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter.

9.8CVSS8.3AI score0.00049EPSS

CVE•added 2025/05/09 5:15 p.m.•46 views

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter.

9.8CVSS8.1AI score0.00046EPSS

CVE•added 2025/05/26 10:15 p.m.•45 views

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadmin_update_profile.php. The manipulation of the argument nickname/email leads to sql injection. The att...

9.8CVSS5.2AI score0.00033EPSS

CVE•added 2025/05/09 4:15 p.m.•43 views

CVE-2025-46188

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php.

9.8CVSS7.9AI score0.00049EPSS

CVE•added 2025/05/09 4:15 p.m.•43 views

CVE-2025-46193

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in user_proposal_update_order.php.

9.8CVSS7.8AI score0.00391EPSS

CVE•added 2025/05/20 10:15 p.m.•43 views

CVE-2025-5002

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_proposal_update_order.php. The manipulation of the argument order_id leads to sql injection. It is possible to initiate the attack rem...

9.8CVSS7.6AI score0.00037EPSS

CVE•added 2025/05/19 9:15 a.m.•22 views

CVE-2025-4924

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /user_void_transaction.php. The manipulation of the argument order_id leads to sql injection. It is possible to launch the attack remotel...

9.8CVSS7.4AI score0.00034EPSS