CVE-2026-3762

EUVD-2026-10265
A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The manipulation of the argument manager_id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
lerouxyxchireclient_database_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/Adarshh-A/1aae387a3cf4ea05c871ddafc64d0348
https://vuldb.com/?ctiid.349740
https://vuldb.com/?id.349740
https://vuldb.com/?submit.768122
https://www.sourcecodester.com/