Simple Client Management System is a simple client management system from Carlo Montero’s personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in cms/admin?page=client/ The vulnerability is caused by the lack of validation of external input SQL statements in manage_client&id=, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.