PT-2025-20575 · Sourcecodester · Sourcecodester Client Database Management System

Published: 2025-05-09 · Updated: 2025-12-27 · CVE-2025-46188

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0

Description: SourceCodester Client Database Management System version 1.0 is susceptible to SQL Injection through the superadmin phpmyadmin.php file. The vulnerability exists due to insufficient input validation when processing requests to this file, and it allows for potential unauthorized database access and manipulation.

Recommendations: Update SourceCodester Client Database Management System to a newer version that addresses this SQL Injection issue. As a temporary workaround, restrict access to the superadmin phpmyadmin.php file to authorized personnel only.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-46188

Affected Products

Sourcecodester Client Database Management System