Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
SourceCodester Client Database Management System: Unauthorized Access Risk
CVE-2026-3734
Summary
A flaw in the SourceCodester Client Database Management System allows an attacker to bypass permission checks and access sensitive data. This can happen remotely, and an exploit is already available. To stay secure, update to a patched version of the software or take immediate action to protect your system.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| lerouxyxchire | client_database_management_system | 1.0 | – |
Original title
A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of...
Original description
A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The exploit has been published and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization
Published: 8 Mar 2026 · Updated: 13 Mar 2026 · First seen: 8 Mar 2026