VYPR

Leads Manager Tool

by Sourcecodester

CVEs (4)

  • CVE-2024-7643MedAug 12, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql…

  • CVE-2024-7942LowAug 20, 2024
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phone_number leads to cross site scripting. The attack can be initiated…

  • CVE-2024-7644LowAug 12, 2024
    risk 0.23cvss 3.5epss 0.01

    A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leads_name/phone_number leads to cross…

  • CVE-2025-63716Nov 7, 2025
    risk 0.00cvss epss 0.00

    The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints.