Description
A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The exploit has been published and may be used.
Published: 2026-03-08
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Improper Authorization leading to unauthorized access of manager data
Action: Immediate Patch
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 09 Mar 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Lerouxyxchire
Lerouxyxchire client Database Management System
CPEs cpe:2.3:a:lerouxyxchire:client_database_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Lerouxyxchire
Lerouxyxchire client Database Management System

Mon, 09 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester client Database Management System
Vendors & Products Sourcecodester
Sourcecodester client Database Management System

Sun, 08 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Description A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The exploit has been published and may be used.
Title SourceCodester Client Database Management System Endpoint fetch_manager_details.php improper authorization
Weaknesses CWE-266
CWE-285
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Lerouxyxchire Client Database Management System
Sourcecodester Client Database Management System
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-11T19:52:23.851Z

Reserved: 2026-03-07T18:02:57.457Z

Link: CVE-2026-3734

cve-icon Vulnrichment

Updated: 2026-03-11T19:52:20.088Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-08T13:16:00.823

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-3734

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T04:30:13Z

Weaknesses