| Title | SourceCodester Sales Tracker Management System 1.0 SQL Injection |
|---|
| Description | A SQL injection vulnerability exists in Sales Tracker Management System 1.0 in the file admin/clients/view_client.php. The id parameter of a GET request is directly embedded into a raw MySQL query without sanitization or prepared statements, allowing an authenticated attacker to extract sensitive data from the database. |
|---|
| Source | ⚠️ https://gist.github.com/Mohdanass/3121f18e33fffb73b066cc6c6d3aebd7 |
|---|
| User | Anas22335 (UID 96357) |
|---|
| Submission | 03/12/2026 19:27 (17 days ago) |
|---|
| Moderation | 03/27/2026 17:28 (15 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 222644 [SourceCodester Sales Tracker Management System 1.0 view_client.php ID sql injection] |
|---|
| Points | 0 |
|---|