cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-37781,https://securityvulnerability.io/vulnerability/CVE-2021-37781,Cross Site Scripting Vulnerability in Employee Record Management System by PHP Gurukul,"The Employee Record Management System version 1.2 is susceptible to Cross Site Scripting (XSS) attacks via the editempprofile.php file. This vulnerability can allow an attacker to inject malicious scripts into web pages that are viewed by other users. If successfully exploited, it could lead to unauthorized actions, data theft, or compromised user sessions.",PHPgurukul,Employee Record Management System,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-10-28T00:00:00.000Z,0
CVE-2021-37782,https://securityvulnerability.io/vulnerability/CVE-2021-37782,SQL Injection Vulnerability in Employee Record Management System by PHP Gurukul,The Employee Record Management System version 1.2 contains a vulnerability that allows attackers to execute arbitrary SQL queries via the 'editempprofile.php' file. This flaw can potentially expose sensitive employee data and compromise the integrity of the database. Organizations using this software are urged to review their implementation and patch the vulnerability to safeguard against unauthorized access to critical information.,PHPgurukul,Employee Record Management System,9.8,CRITICAL,0.0021200000774115324,false,,false,false,false,,,false,false,,2022-10-28T00:00:00.000Z,0
CVE-2021-44965,https://securityvulnerability.io/vulnerability/CVE-2021-44965,Directory Traversal Vulnerability in PHPGURUKUL Employee Record Management System,"A directory traversal vulnerability exists in PHPGURUKUL's Employee Record Management System 1.2, which allows an attacker to manipulate path variables. By exploiting this flaw, the attacker could retrieve and download sensitive files from the server's filesystem, potentially exposing confidential information and leading to unauthorized data access.",PHPgurukul,Employee Record Management System,7.5,HIGH,0.0031999999191612005,false,,false,false,false,,,false,false,,2021-12-13T14:43:24.000Z,0
CVE-2021-44966,https://securityvulnerability.io/vulnerability/CVE-2021-44966,SQL Injection Bypass Vulnerability in PHPGURUKUL Employee Record Management System,"The PHPGURUKUL Employee Record Management System 1.2 has a SQL injection bypass authentication vulnerability via index.php. This flaw allows attackers to authenticate as admin, posing a significant risk as they could potentially alter, delete, or manipulate sensitive data within the system.",PHPgurukul,Employee Record Management System,9.8,CRITICAL,0.0026700000744313,false,,false,false,false,,,false,false,,2021-12-13T14:20:43.000Z,0
CVE-2021-43451,https://securityvulnerability.io/vulnerability/CVE-2021-43451,SQL Injection Vulnerability in PHPGURUKUL Employee Record Management System,"An SQL Injection vulnerability exists in version 1.2 of PHPGURUKUL's Employee Record Management System. This flaw can be exploited through the Email POST parameter in the /forgetpassword.php endpoint, potentially allowing unauthorized access to sensitive information stored in the database. Attackers can manipulate SQL queries through input fields, leading to data leakage or unauthorized data manipulation.",PHPgurukul,Employee Record Management System,9.8,CRITICAL,0.009890000335872173,false,,false,false,false,,,false,false,,2021-12-01T18:14:00.000Z,0
CVE-2020-35427,https://securityvulnerability.io/vulnerability/CVE-2020-35427,SQL Injection Vulnerability in PHPGurukul Employee Record Management System,"An SQL injection vulnerability exists in the PHPGurukul Employee Record Management System version 1.1, enabling remote attackers to execute arbitrary SQL queries. This vulnerability allows unauthorized users to manipulate the backend database, potentially leading to data leaks, unauthorized access to sensitive information, and bypassing user authentication mechanisms.",PHPgurukul,Employee Record Management System,9.8,CRITICAL,0.01281999982893467,false,,false,false,false,,,false,false,,2021-07-20T13:22:44.000Z,0