cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1964,https://securityvulnerability.io/vulnerability/CVE-2023-1964,PHPGurukul Bank Locker Management System Password Reset recovery.php sql injection,"An SQL Injection vulnerability has been identified in the PHPGurukul Bank Locker Management System version 1.0. The flaw resides in the password reset component, specifically in the recovery.php file. It allows an attacker to manipulate input parameters such as uname/mobile, enabling them to execute arbitrary SQL queries against the database. This can lead to unauthorized access to sensitive information. Attackers can exploit this vulnerability remotely, making it a significant security concern. The vulnerability has been disclosed publicly, and remediation is crucial to protect user data.",PHPgurukul,Bank Locker Management System,7.3,HIGH,0.0026000000070780516,false,,false,false,true,2023-04-09T09:15:00.000Z,true,false,false,,2023-04-09T09:15:00.000Z,0
CVE-2023-1963,https://securityvulnerability.io/vulnerability/CVE-2023-1963,PHPGurukul Bank Locker Management System Search index.php sql injection,"A vulnerability has been discovered in the PHPGurukul Bank Locker Management System version 1.0, specifically affecting the 'Search' component's handling of the input from the index.php file. An attacker may exploit this weakness by crafting a specially formed input that reaches the searchinput argument, enabling SQL injection attacks. This vulnerability can be exploited remotely, potentially allowing malicious actors to execute arbitrary SQL commands within the application's database. Public disclosures related to this issue have been made, heightening the urgency for users to ensure their systems are adequately protected. More details can be found in the references.",PHPGurukul,Bank Locker Management System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-09T08:15:00.000Z,0
CVE-2023-0562,https://securityvulnerability.io/vulnerability/CVE-2023-0562,PHPGurukul Bank Locker Management System Login index.php sql injection,"A SQL injection vulnerability exists in the PHPGurukul Bank Locker Management System 1.0, specifically within the index.php file of the Login component. By manipulating the 'username' parameter, an attacker can exploit this flaw, potentially allowing unauthorized access to the application's database. This vulnerability can be exploited remotely, making it essential for users to update their systems to prevent possible exploitation.",PHPgurukul,Bank Locker Management System,7.3,HIGH,0.17430000007152557,false,,false,false,false,,,false,false,,2023-01-28T23:15:00.000Z,0
CVE-2023-0563,https://securityvulnerability.io/vulnerability/CVE-2023-0563,PHPGurukul Bank Locker Management System Assign Locker add-locker-form.php cross site scripting,A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219717 was assigned to this vulnerability.,PHPGurukul,Bank Locker Management System,4.8,MEDIUM,0.018629999831318855,false,,false,false,false,,,false,false,,2023-01-28T23:15:00.000Z,0