cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1948,https://securityvulnerability.io/vulnerability/CVE-2023-1948,PHPGurukul BP Monitoring Management System Add New Family Member add-family-member.php cross site scripting,"A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225335.",PHPGurukul,BP Monitoring Management System,6.1,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2023-04-08T08:15:00.000Z,0
CVE-2023-1949,https://securityvulnerability.io/vulnerability/CVE-2023-1949,PHPGurukul BP Monitoring Management System Change Password change-password.php sql injection,"A vulnerability exists in the BP Monitoring Management System 1.0, specifically within the Change Password Handler component. This issue occurs in the change-password.php file due to inadequate validation of the password parameter, allowing an attacker to manipulate input values and execute unauthorized SQL commands. The vulnerability facilitates remote exploitation, posing a significant risk to the integrity and confidentiality of the application's database. With the exploit details made publicly available, swift remediation is essential to mitigate potential threats.",PHPGurukul,BP Monitoring Management System,9.8,CRITICAL,0.0021100000012665987,false,,false,false,false,,,false,false,,2023-04-08T08:15:00.000Z,0
CVE-2023-1950,https://securityvulnerability.io/vulnerability/CVE-2023-1950,PHPGurukul BP Monitoring Management System Password Recovery password-recovery.php sql injection,"A vulnerability exists in the PHPGurukul BP Monitoring Management System 1.0, specifically in the password-recovery.php file related to the password recovery feature. This vulnerability allows remote attackers to exploit the system by manipulating the emailid or contactno parameters, leading to SQL injection attacks. Such attacks could enable unauthorized access to sensitive database information. The issue has been publicly disclosed and poses a significant risk to organizations using this product. Users are strongly encouraged to apply security patches or mitigations as they become available.",PHPGurukul,BP Monitoring Management System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-08T08:15:00.000Z,0
CVE-2023-1909,https://securityvulnerability.io/vulnerability/CVE-2023-1909,PHPGurukul BP Monitoring Management System User Profile Update profile.php sql injection,"A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225318 is the identifier assigned to this vulnerability.",PHPGurukul,BP Monitoring Management System,6.5,MEDIUM,0.0019000000320374966,false,,false,false,false,,,false,false,,2023-04-07T17:15:00.000Z,0
CVE-2023-27074,https://securityvulnerability.io/vulnerability/CVE-2023-27074,SQL Injection Vulnerability in BP Monitoring Management System by Bhavesh Kush,"A SQL injection vulnerability has been identified in the login functionality of BP Monitoring Management System v1.0, allowing attackers to manipulate the 'emailid' parameter. This weakness could enable unauthorized access or data breach, highlighting the need for immediate remediation to protect sensitive data.",PHPgurukul,Bp Monitoring Management System,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-03-14T00:00:00.000Z,0