CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29980
https://notcve.org/view.php?id=CVE-2022-29980
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de /cms/admin/?page=user/manage_user&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-7.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29982
https://notcve.org/view.php?id=CVE-2022-29982
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de /cms/admin/maintenance/manage_service.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-9.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29983
https://notcve.org/view.php?id=CVE-2022-29983
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de /cms/admin/?page=invoice/view_invoice&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-10.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29984
https://notcve.org/view.php?id=CVE-2022-29984
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de /cms/admin/?page=client/view_client&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-11.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2021-43484
https://notcve.org/view.php?id=CVE-2021-43484
A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request. Se presenta una vulnerabilidad de Ejecución de Código Remota (RCE) en Simple Client Management System versión 1.0, en el archivo create.php debido a que no es comprobada la extensión del archivo que es enviada en una petición • https://www.exploit-db.com/exploits/50094 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •