Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Client Database Management System: Unauthorized User Deletion
CVE-2026-3761
Summary
An attacker can delete any user, not just those they are authorized to, potentially disrupting system security and integrity. This can happen if an attacker has the ability to manipulate certain data. You should update to the latest version of the SourceCodester Client Database Management System to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| lerouxyxchire | client_database_management_system | 1.0 | – |
Original title
A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executin...
Original description
A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used.
nvd CVSS2.0
5.5
nvd CVSS3.1
5.4
nvd CVSS4.0
5.3
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization
Published: 8 Mar 2026 · Updated: 14 Mar 2026 · First seen: 8 Mar 2026