Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Simple Client Management System Project Subscribe
Filtered by product Simple Client Management System
Total 19 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43657 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 N/A 5.4 MEDIUM
A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields.
CVE-2021-43505 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.
CVE-2022-29980 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=.
CVE-2022-29982 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=.
CVE-2022-26285 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVE-2022-29979 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.
CVE-2021-43484 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request.
CVE-2022-29748 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.
CVE-2022-29981 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.
CVE-2022-29984 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=.
CVE-2022-29751 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client.
CVE-2022-29749 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice.
CVE-2022-29747 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id.
CVE-2021-43506 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.
CVE-2022-29983 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.
CVE-2022-26284 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVE-2022-29750 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service.
CVE-2021-43510 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php.
CVE-2021-43509 1 Simple Client Management System Project 1 Simple Client Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024