CVE-2026-3761

MEDIUM 5.4

SourceCodester Client Database Management System Endpoint superadmin_user_delete.php improper authorization

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used.

CWE	CWE-285 CWE-266
Vendor	sourcecodester
Product	client database management system
Published	Mar 8, 2026
Last Updated	Mar 11, 2026

Stay Ahead of the Next One

Get instant alerts for sourcecodester client database management system

Be the first to know when new medium vulnerabilities affecting sourcecodester client database management system are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

SourceCodester / Client Database Management System

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.349739 vuldb.com: https://vuldb.com/?ctiid.349739 vuldb.com: https://vuldb.com/?submit.768120 gist.github.com: https://gist.github.com/Adarshh-A/dd8884d768d9dde9072fe5efce453824 sourcecodester.com: https://www.sourcecodester.com/

Credits

🔍 Adarsh007 (VulDB User)