Simple Client Management System is a simple client management system from Carlo Montero’s personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which originates from a vulnerability in /cms/classes/Master. php?f=delete_client in the post request id parameter lack of validation of external input SQL statements, an attacker can use this vulnerability to execute illegal SQL commands to steal sensitive database data.