GitHub

sourcecodester Client Database Management System V1.0 /user_customer_create_order.php SQL injection

Attackers can exploit this SQL injection vulnerability to achieve unauthorized database access, sensitive data leakage, data tampering, comprehensive system control, and even service interruption, ...
GitHub

Sourcecodester Client Database Management System V1.0 /user_delivery_update.php has a file upload vulnerability

1.Validate File Type (MIME Type & Extension): • Check both the MIME type and file extension against an allowlist of permitted file types (e.g. jpg, png, pdf). • Do not rely solely on client-side ...