cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-37771,https://securityvulnerability.io/vulnerability/CVE-2023-37771,SQL Injection Vulnerability in Art Gallery Management System by Anky,"The Art Gallery Management System version 1.0 is susceptible to a SQL injection vulnerability through the 'cid' parameter in the /agms/product.php endpoint. An attacker can exploit this weakness to execute arbitrary SQL commands that could lead to unauthorized data access or manipulation, compromising the integrity and confidentiality of the system's database. Protecting against such vulnerabilities is critical for the security of web applications, and it is advised to validate and sanitize user inputs effectively.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.0020600000862032175,false,,false,false,true,2023-07-19T14:51:04.000Z,true,false,false,,2023-07-31T00:00:00.000Z,0
CVE-2023-24726,https://securityvulnerability.io/vulnerability/CVE-2023-24726,SQL Injection Vulnerability in Art Gallery Management System by PHP Gurukul,"The Art Gallery Management System version 1.0 is affected by a SQL injection vulnerability found through the 'viewid' parameter on the enquiry page. This flaw allows attackers to manipulate SQL queries executed by the application, potentially leading to unauthorized access to sensitive data or even the complete compromise of the database. As a result, it's crucial for users of this system to implement available security patches and follow best practices to mitigate potential risks.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.0016299999551847577,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-23157,https://securityvulnerability.io/vulnerability/CVE-2023-23157,Stored Cross-Site Scripting in Art Gallery Management System by PHP Gurukul,"The Art Gallery Management System v1.0 by PHP Gurukul contains a stored cross-site scripting vulnerability that allows attackers to insert malicious scripts through the fullname parameter in the enquiry page. This flaw may result in the execution of arbitrary HTML or JavaScript code when a user accesses the compromised page, potentially leading to session hijacking, data theft, or other web-based attacks.",PHPgurukul,Art Gallery Management System,5.4,MEDIUM,0.0006699999794363976,false,,false,false,false,,,false,false,,2023-02-27T00:00:00.000Z,0
CVE-2023-23158,https://securityvulnerability.io/vulnerability/CVE-2023-23158,Stored Cross-Site Scripting Vulnerability in Art Gallery Management System by PHP Gurukul,"A stored cross-site scripting vulnerability exists in version 1.0 of the Art Gallery Management System developed by PHP Gurukul. An attacker can exploit this vulnerability by injecting a malicious payload into the message parameter on the enquiry page. This enables the execution of arbitrary web scripts or HTML, potentially compromising user data and leading to unauthorized actions on behalf of users.",PHPgurukul,Art Gallery Management System,5.4,MEDIUM,0.0006699999794363976,false,,false,false,false,,,false,false,,2023-02-27T00:00:00.000Z,0
CVE-2023-23155,https://securityvulnerability.io/vulnerability/CVE-2023-23155,SQL Injection Vulnerability in Art Gallery Management System by PHP Gurukul,"The Art Gallery Management System Project in PHP version 1.0 has been found to be vulnerable to SQL injection attacks through the username parameter in the Admin Login. This security flaw could allow unauthorized users to manipulate the database, potentially exposing sensitive information or compromising the integrity of the application. Developers and administrators are urged to apply necessary security measures and updates to mitigate this vulnerability.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.001509999972768128,false,,false,false,false,,,false,false,,2023-02-27T00:00:00.000Z,0
CVE-2023-23156,https://securityvulnerability.io/vulnerability/CVE-2023-23156,SQL Injection Vulnerability in Art Gallery Management System by PHP Gurukul,"The Art Gallery Management System Project in PHP 1.0 has a vulnerability that allows for SQL injection through improper handling of the 'pid' parameter on the single product page. This flaw could enable attackers to manipulate database queries, leading to unauthorized access to sensitive data. It is crucial for users to understand the implications of this vulnerability and implement timely updates or patches to safeguard against potential exploitation.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.001990000018849969,false,,false,false,false,,,false,false,,2023-02-27T00:00:00.000Z,0
CVE-2023-23163,https://securityvulnerability.io/vulnerability/CVE-2023-23163,SQL Injection Vulnerability in Art Gallery Management System by PHP Gurukul,"The Art Gallery Management System Project version 1.0 has been identified to have a SQL injection vulnerability that can be exploited through the 'editid' parameter. This type of vulnerability allows an attacker to manipulate SQL queries and potentially gain unauthorized access to the database, extract sensitive data, or even perform administrative operations. Users of this system should prioritize applying patches and reviewing their input validation mechanisms to mitigate the risk posed by this vulnerability.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.008030000142753124,false,,false,false,false,,,false,false,,2023-02-10T00:00:00.000Z,0
CVE-2023-23162,https://securityvulnerability.io/vulnerability/CVE-2023-23162,SQL Injection Vulnerability in Art Gallery Management System by phpGurukul,"The Art Gallery Management System v1.0 is susceptible to an SQL injection vulnerability through the 'cid' parameter in product.php. This flaw allows attackers to manipulate SQL queries, potentially leading to unauthorized access to sensitive data and compromise of the application’s integrity. It is crucial for users of this software to apply necessary security measures to protect against potential exploits.",PHPgurukul,Art Gallery Management System,9.8,CRITICAL,0.008030000142753124,false,,false,false,false,,,false,false,,2023-02-10T00:00:00.000Z,0
CVE-2023-23161,https://securityvulnerability.io/vulnerability/CVE-2023-23161,Reflected Cross-Site Scripting Vulnerability in Art Gallery Management System by PHP Gurukul,"A reflected cross-site scripting vulnerability exists in version 1.0 of the Art Gallery Management System, enabling attackers to inject malicious scripts through a specially crafted payload. This exploit targets the 'artname' parameter within the ART TYPE option in the navigation bar, allowing execution of arbitrary HTML or JavaScript code when users interact with affected components. Consequently, this poses significant risks, such as session hijacking and data theft, underscoring the need for immediate remediation.",PHPgurukul,Art Gallery Management System,6.1,MEDIUM,0.10604999959468842,false,,false,false,false,,,false,false,,2023-02-10T00:00:00.000Z,0