| CVE-2026-3764 | Hig | 0.47 | 7.3 | 0.00 | | Mar 8, 2026 | A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes improper authorization. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. |
| CVE-2026-3762 | Hig | 0.47 | 7.3 | 0.00 | | Mar 8, 2026 | A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The manipulation of the argument manager_id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2026-3734 | Hig | 0.47 | 7.3 | 0.00 | | Mar 8, 2026 | A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The exploit has been published and may be used. |
| CVE-2025-14885 | Med | 0.41 | 6.3 | 0.00 | | Dec 18, 2025 | A flaw has been found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_leads.php of the component Leads Generation Module. Executing manipulation can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used. |
| CVE-2026-3761 | Med | 0.35 | 5.4 | 0.00 | | Mar 8, 2026 | A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. |
