Simple Client Management System Security Vulnerabilities and Issues — Simple Client Management System CVE List

Lucene search

Simple Client Management System ProjectSimple Client Management System

5 matches found

CVE•added 2022/03/21 11:15 p.m.•81 views

CVE-2022-26284

Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

9.8CVSS9.6AI score0.03044EPSS

CVE•added 2022/03/21 11:15 p.m.•75 views

CVE-2022-26285

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

9.8CVSS9.6AI score0.03044EPSS

CVE•added 2022/03/31 7:15 p.m.•73 views

CVE-2021-43484

A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request.

9.8CVSS9.5AI score0.12708EPSS

CVE•added 2022/03/31 5:15 p.m.•57 views

CVE-2021-43505

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.

5.4CVSS5.5AI score0.00195EPSS

CVE•added 2022/03/31 5:15 p.m.•55 views

CVE-2021-43506

An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.

9.8CVSS9.9AI score0.00517EPSS