PT-2026-23973 · Sourcecodester · Client Database Management System

Adarsh007 · Published 2026-03-08 · Updated 2026-03-13 · CVE-2026-3762

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System versions 1.0 through 3.1

Description: A flaw exists in the Endpoint component of the software, specifically within the /superadmin delete manager.php file. Improper authorization can be triggered by manipulating the manager id argument. This allows for remote exploitation. The exploit has been publicly disclosed.

Recommendations: Versions prior to 1.0 and 3.1 are not affected. Versions 1.0 and 3.1: Address improper authorization by carefully validating the manager id argument in the /superadmin delete manager.php file.

Exploit

Fix

Improper Authorization

Incorrect Privilege Assignment

Weakness Enumeration

Related identifiers

CVE-2026-3762

Affected products

Client Database Management System