Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simple_client_management_system
(Simple_client_management_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-01 | CVE-2021-43509 | SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php. | Simple_client_management_system | 9.8 | ||
| 2022-02-01 | CVE-2021-43510 | SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php. | Simple_client_management_system | 9.8 | ||
| 2022-03-21 | CVE-2022-26284 | Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests. | Simple_client_management_system | 9.8 | ||
| 2022-03-21 | CVE-2022-26285 | Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests. | Simple_client_management_system | 9.8 | ||
| 2022-03-31 | CVE-2021-43505 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice. | Simple_client_management_system | 5.4 | ||
| 2022-03-31 | CVE-2021-43506 | An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php. | Simple_client_management_system | 9.8 | ||
| 2022-03-31 | CVE-2021-43484 | A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request. | Simple_client_management_system | 9.8 | ||
| 2022-05-12 | CVE-2022-29747 | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id. | Simple_client_management_system | 9.8 | ||
| 2022-05-12 | CVE-2022-29748 | Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. | Simple_client_management_system | 9.8 | ||
| 2022-05-12 | CVE-2022-29749 | Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. | Simple_client_management_system | 9.8 |