cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3091,https://securityvulnerability.io/vulnerability/CVE-2024-3091,Cross Site Scripting Vulnerability in /admin/search.php of Search Request Page,A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/search.php of the component Search Request Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258684.,PHPgurukul,Emergency Ambulance Hiring Portal,2.4,LOW,0.00044999999227002263,false,,false,false,true,2024-03-30T13:31:03.000Z,true,false,false,,2024-03-30T13:31:03.574Z,0
CVE-2024-3090,https://securityvulnerability.io/vulnerability/CVE-2024-3090,Cross Site Scripting Vulnerability in /admin/add-ambulance.php,A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/add-ambulance.php of the component Add Ambulance Page. The manipulation of the argument Ambulance Reg No/Driver Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258683.,PHPgurukul,Emergency Ambulance Hiring Portal,2.4,LOW,0.00044999999227002263,false,,false,false,true,2024-03-30T13:00:04.000Z,true,false,false,,2024-03-30T13:00:04.772Z,0
CVE-2024-3089,https://securityvulnerability.io/vulnerability/CVE-2024-3089,Cross-Site Request Forgery Vulnerability in Manage Ambulance Page,"A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Manage Ambulance Page of the Emergency Ambulance Hiring Portal by PHPGurukul. This vulnerability is rooted in improper handling of the 'del' argument within the /admin/manage-ambulance.php file. Attackers can exploit this weakness to initiate unauthorized actions on behalf of authenticated users without their consent. As the exploit has been publicly disclosed, the potential for it to be used against vulnerable installations underscores the need for immediate security measures to protect sensitive data and maintain the integrity of the platform.",PHPgurukul,Emergency Ambulance Hiring Portal,4.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-03-30T11:31:03.000Z,true,false,false,,2024-03-30T11:31:03.732Z,0
CVE-2024-3088,https://securityvulnerability.io/vulnerability/CVE-2024-3088,SQL Injection Vulnerability in PHPGurukul Emergency Ambulance Hiring Portal,"The PHPGurukul Emergency Ambulance Hiring Portal version 1.0 contains a significant vulnerability in the forgot password functionality, specifically within the /admin/forgot-password.php file. This vulnerability allows an unauthenticated user to manipulate the 'username' parameter, leading to SQL injection attacks. It enables remote attackers to execute arbitrary SQL queries, potentially compromising sensitive information stored in the database. Given the public disclosure of this vulnerability, immediate remediation is recommended to mitigate the risk of unauthorized access and data breaches. For more technical details, refer to the following resources: [VDB-258681 Entry](https://vuldb.com/?id.258681) and the [Exploit Documentation](https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_forgotpasssqli.md).",PHPgurukul,Emergency Ambulance Hiring Portal,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-03-30T11:00:05.000Z,true,false,false,,2024-03-30T11:00:05.544Z,0
CVE-2024-3087,https://securityvulnerability.io/vulnerability/CVE-2024-3087,SQL Injection Flaw in PHPGurukul Emergency Ambulance Hiring Portal,"A serious SQL injection vulnerability has been discovered in the PHPGurukul Emergency Ambulance Hiring Portal version 1.0, specifically impacting the ambulance-tracking.php file. This vulnerability arises from improper sanitization of user input through the 'searchdata' parameter, allowing malicious actors to execute arbitrary SQL commands remotely. Successful exploitation could lead to unauthorized access to sensitive data from the backend database, causing significant risks to data confidentiality and integrity. Users and administrators are urged to apply the necessary security patches and implement input validation measures to safeguard against potential attacks.",PHPgurukul,Emergency Ambulance Hiring Portal,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-03-30T10:31:04.000Z,true,false,false,,2024-03-30T10:31:04.302Z,0
CVE-2024-3086,https://securityvulnerability.io/vulnerability/CVE-2024-3086,Cross Site Scripting Vulnerability in Ambulance-Tracking.php Could Lead to Remote Exploitation,"A vulnerability has been identified in the PHPGurukul Emergency Ambulance Hiring Portal version 1.0. This issue is located in the file ambulance-tracking.php, specifically within its searchdata argument. Attackers can exploit this vulnerability to execute cross-site scripting (XSS) attacks remotely, potentially compromising the integrity and confidentiality of user data. The exploit has been made public, raising concerns about the security of systems that utilize this software. Organizations using this version are strongly advised to apply appropriate security measures to mitigate possible exploitation.",PHPgurukul,Emergency Ambulance Hiring Portal,4.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-03-30T09:00:04.000Z,true,false,false,,2024-03-30T09:00:04.100Z,0
CVE-2024-3085,https://securityvulnerability.io/vulnerability/CVE-2024-3085,SQL Injection Vulnerability in PHPGurukul Emergency Ambulance Hiring Portal,"The Emergency Ambulance Hiring Portal developed by PHPGurukul contains a SQL Injection vulnerability located in the /admin/login.php file. This flaw allows an attacker to manipulate the username argument, leading to unauthorized access and remote exploitation. The vulnerability has been publicly disclosed, heightening the risk for users and organizations that deploy this version of the web application. It is crucial for users to assess their security measures and apply appropriate patches or mitigations to safeguard against potential threats.",PHPgurukul,Emergency Ambulance Hiring Portal,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-03-30T08:31:04.000Z,true,false,false,,2024-03-30T08:31:04.160Z,0
CVE-2024-3084,https://securityvulnerability.io/vulnerability/CVE-2024-3084,Cross Site Scripting Vulnerability in Hire an Ambulance Page,A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Hire an Ambulance Page. The manipulation of the argument Patient Name/Relative Name/Relative Phone Number/City/State/Message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258677 was assigned to this vulnerability.,PHPgurukul,Emergency Ambulance Hiring Portal,4.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-03-30T07:31:04.000Z,true,false,false,,2024-03-30T07:31:04.348Z,0