CVE-2021-43657

MEDIUM

Simple Client Management System 1.0 - Stored Cross-Site Scripting via MAster.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-43657. PoCs published by c0n5n3d.

AI-analyzed exploit summary This repository contains only a README file describing CVE-2021-43657, with no actual exploit code or technical details provided. It mentions the vulnerability was found in an open-source Employee Task Management System but lacks specifics.

Description

A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields.

Exploits (1)

nomisec WRITEUP 3 stars
by c0n5n3d · poc
https://github.com/c0n5n3d/CVE-2021-43657

This repository contains only a README file describing CVE-2021-43657, with no actual exploit code or technical details provided. It mentions the vulnerability was found in an open-source Employee Task Management System but lacks specifics.

Classification
Writeup 30%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Employee Task Management System (version unspecified)
No auth needed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 5.4
EPSS 0.0072
EPSS Percentile 49.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-79
Status published
Products (1)
simple_client_management_system_project/simple_client_management_system 1.0
Published Dec 22, 2022
Tracked Since Feb 18, 2026