Vulnerabilities > Simple Client Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2022-29983 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. | 9.8 |
| 2022-05-12 | CVE-2022-29984 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. | 9.8 |
| 2022-03-31 | CVE-2021-43484 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request. | 9.8 |
| 2022-03-31 | CVE-2021-43505 | Cross-site Scripting vulnerability in Simple Client Management System Project Simple Client Management System 1.0 Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice. | 5.4 |
| 2022-03-31 | CVE-2021-43506 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php. | 9.8 |
| 2022-03-21 | CVE-2022-26284 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. | 9.8 |
| 2022-03-21 | CVE-2022-26285 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. | 9.8 |
| 2022-02-01 | CVE-2021-43509 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php. | 9.8 |
| 2022-02-01 | CVE-2021-43510 | SQL Injection vulnerability in Simple Client Management System Project Simple Client Management System 1.0 SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php. | 9.8 |