cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-13004,https://securityvulnerability.io/vulnerability/CVE-2024-13004,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"A vulnerability has been identified in PHPGurukul's Complaint Management System version 1.0, specifically within the admin functionality located in the file /admin/category.php. The issue arises from improper handling of the 'state' argument, enabling an SQL injection attack that can be executed remotely. This flaw exposes the database to unauthorized queries, which could lead to unauthorized data access or manipulation. Public disclosure of this vulnerability highlights the urgency for users to implement appropriate security measures to safeguard their systems.",PHPgurukul,Complaint Management System,6.9,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-12-29T06:31:05.000Z,true,false,false,,2024-12-29T06:31:05.405Z,0
CVE-2024-12977,https://securityvulnerability.io/vulnerability/CVE-2024-12977,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"The PHPGurukul Complaint Management System version 1.0 contains a vulnerability in the file located at /admin/state.php, which is susceptible to SQL injection attacks. Attackers can manipulate the state parameter, enabling unauthorized access to the database. This vulnerability can be exploited remotely, allowing potential attackers to execute malicious SQL queries that may compromise sensitive data.
With the exploit being publicly disclosed, it highlights the urgent need for users to apply necessary patches and implement security best practices to mitigate risks.",PHPgurukul,Complaint Management System,5.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-12-27T01:31:06.000Z,true,false,false,,2024-12-27T01:31:06.730Z,0
CVE-2024-12230,https://securityvulnerability.io/vulnerability/CVE-2024-12230,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"CVE-2024-12230 identifies a critical SQL injection vulnerability within the PHPGurukul Complaint Management System 1.0. The flaw exists specifically within the '/admin/subcategory.php' file, where improper handling of the 'category' parameter allows remote attackers to execute arbitrary SQL code. This can lead to unauthorized access to the database, manipulation of sensitive data, or complete system compromise. It is crucial for users of this system to implement patches and follow best security practices to mitigate the risk associated with this vulnerability.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-12-05T14:31:09.000Z,true,false,false,,2024-12-05T14:31:09.399Z,0
CVE-2024-12229,https://securityvulnerability.io/vulnerability/CVE-2024-12229,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"A critical SQL injection vulnerability has been identified in version 1.0 of the PHPGurukul Complaint Management System. Located within the /admin/complaint-search.php file, this vulnerability allows attackers to manipulate the 'search' argument, potentially leading to unauthorized access and data manipulation. The exploit can be executed remotely, posing significant risks to data integrity and security.
It is imperative for organizations using this software to assess their exposure to this vulnerability and apply necessary mitigations promptly.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-12-05T14:31:06.000Z,true,false,false,,2024-12-05T14:31:06.449Z,0
CVE-2024-12228,https://securityvulnerability.io/vulnerability/CVE-2024-12228,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"CVE-2024-12228 is a critical SQL injection vulnerability found in the PHPGurukul Complaint Management System version 1.0. This vulnerability allows attackers to manipulate input parameters, specifically in the /admin/user-search.php file. It enables remote execution of SQL queries, potentially compromising sensitive data and allowing unauthorized access. Due to its public disclosure, immediate action is advised to secure affected installations from potential exploitation.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-12-05T13:31:09.000Z,true,false,false,,2024-12-05T13:31:09.200Z,0
CVE-2024-11967,https://securityvulnerability.io/vulnerability/CVE-2024-11967,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"The CVE-2024-11967 vulnerability involves a critical SQL injection found in the reset-password.php file of the PHPGurukul Complaint Management System version 1.0. An attacker can exploit this vulnerability by manipulating the 'email' parameter, which allows unauthorized SQL queries to be executed remotely. This can lead to unauthorized access to sensitive data and overall system compromise.
As this exploit has been publicly disclosed, it is imperative for users to apply patches or mitigate the risks associated with this vulnerability promptly.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-11-28T18:00:14.000Z,true,false,false,,2024-11-28T18:00:14.034Z,0
CVE-2024-11966,https://securityvulnerability.io/vulnerability/CVE-2024-11966,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"CVE-2024-11966 is a critical SQL injection vulnerability identified in the PHPGurukul Complaint Management System version 1.0. This vulnerability arises in the processing of inputs in the file /admin/index.php, specifically through the manipulation of the 'username' parameter. Attackers can exploit this vulnerability remotely, enabling them to execute arbitrary SQL queries against the application's database. This could lead to unauthorized data access, modification, or even complete system compromise. Given the public disclosure of this vulnerability, it is essential for users and organizations relying on this software to immediately evaluate their exposure and take necessary security measures.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-11-28T17:31:06.000Z,true,false,false,,2024-11-28T17:31:06.291Z,0
CVE-2024-11965,https://securityvulnerability.io/vulnerability/CVE-2024-11965,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"A critical SQL injection vulnerability has been identified in the PHPGurukul Complaint Management System 1.0, specifically within the '/user/reset-password.php' file. The vulnerability arises from the improper handling of the 'email' parameter, allowing attackers to manipulate SQL queries executed by the application. This manipulation could potentially enable unauthorized access to sensitive information or control over the database.
The exploit is publicly disclosed and can be executed remotely, posing a significant threat to users of the affected system.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-11-28T17:00:15.000Z,true,false,false,,2024-11-28T17:00:15.264Z,0
CVE-2024-11964,https://securityvulnerability.io/vulnerability/CVE-2024-11964,SQL Injection Vulnerability in PHPGurukul Complaint Management System,"CVE-2024-11964 is a critical SQL injection vulnerability found in the PHPGurukul Complaint Management System version 1.0. This vulnerability resides in the /user/index.php file and arises from improper validation of the 'emailid' parameter. Attackers can exploit this flaw to execute arbitrary SQL queries against the database, potentially compromising sensitive information. The vulnerability is remotely exploitable, allowing an attacker to manipulate the input without needing direct access to the underlying system. Given the public disclosure of this exploit, it poses a significant risk to users of the software, making immediate mitigation essential.",PHPgurukul,Complaint Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-11-28T17:00:11.000Z,true,false,false,,2024-11-28T17:00:11.627Z,0