cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5135,https://securityvulnerability.io/vulnerability/CVE-2024-5135,PHPGurukul Directory Management System index.php sql injection,"A vulnerability has been identified in the PHPGurukul Directory Management System 1.0, specifically in the processing of the /admin/index.php file. This issue arises from the manipulation of the username argument, which can allow for SQL injection attacks. This vulnerability can be exploited remotely, posing significant risks to the security of the application and potentially allowing attackers to execute unauthorized database queries and gain access to sensitive information. Given the public disclosure of this exploit, organizations utilizing this software should take immediate action to mitigate potential security breaches.",PHPgurukul,Directory Management System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-05-20T08:15:00.000Z,true,false,false,,2024-05-20T09:15:00.000Z,0
CVE-2022-31382,https://securityvulnerability.io/vulnerability/CVE-2022-31382,SQL Injection Vulnerability in Directory Management System by Directory.com,"A SQL injection vulnerability has been identified in the Directory Management System v1.0, enabling an attacker to manipulate SQL queries through the 'searchdata' parameter in 'search-directory.php'. This flaw could allow unauthorized access to data or even compromise the integrity of the database. Users of the affected versions are advised to apply necessary security patches and review their systems for potential exploits.",PHPgurukul,Directory Management System,9.8,CRITICAL,0.0020800000056624413,false,,false,false,false,,,false,false,,2022-06-16T16:46:06.000Z,0
CVE-2022-31383,https://securityvulnerability.io/vulnerability/CVE-2022-31383,SQL Injection Vulnerability in Directory Management System by PHP Gurukul,"The Directory Management System v1.0 developed by PHP Gurukul is susceptible to a SQL injection vulnerability that can be exploited via the 'editid' parameter in the view-directory.php script. This security flaw allows attackers to manipulate database queries, potentially leading to unauthorized access to sensitive data and the ability to alter database content. It is crucial for users of this product to apply necessary patches and implement security measures to mitigate this risk.",PHPgurukul,Directory Management System,9.8,CRITICAL,0.0020800000056624413,false,,false,false,false,,,false,false,,2022-06-16T16:41:18.000Z,0
CVE-2022-31384,https://securityvulnerability.io/vulnerability/CVE-2022-31384,SQL Injection Vulnerability in Directory Management System by PHP Gurukul,"A vulnerable SQL injection flaw has been identified in the Directory Management System v1.0, allowing attackers to exploit the ‘fullname’ parameter in 'add-directory.php'. By manipulating this parameter, an attacker may run unauthorized SQL commands, potentially gaining access to sensitive database information and compromising the security of the application.",PHPgurukul,Directory Management System,9.8,CRITICAL,0.0020800000056624413,false,,false,false,false,,,false,false,,2022-06-16T16:37:22.000Z,0
CVE-2022-29006,https://securityvulnerability.io/vulnerability/CVE-2022-29006,SQL Injection Vulnerabilities in Directory Management System by Sudoninja,"The Directory Management System v1.0 by Sudoninja contains multiple SQL injection vulnerabilities that are triggered via the username and password parameters in its Admin panel. These flaws allow attackers to manipulate SQL queries, potentially leading to unauthorized access and the ability to bypass authentication measures. Organizations using this system should take immediate action to patch these vulnerabilities to safeguard their data against exploitation.",PHPgurukul,Directory Management System,9.8,CRITICAL,0.7593600153923035,false,,false,false,true,2022-05-21T11:55:36.000Z,true,false,false,,2022-05-11T13:08:00.000Z,0