Downloading Client Database Management System

1 CVEs product

CVE-2025-6160 HIGH POC This Week

A critical SQL injection vulnerability exists in SourceCodester Client Database Management System version 1.0 affecting the /user_customer_create_order.php file, where the user_id parameter is inadequately sanitized. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion. Public disclosure and proof-of-concept availability elevate exploitation risk, though the CVSS 7.3 rating indicates moderate real-world impact rather than critical severity.

Tags: PHP, SQLi, Downloading Client Database Management System
References: NVD, GitHub, VulDB
CVSS 3.1: 7.3
EPSS: 0.1%