cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10300,https://securityvulnerability.io/vulnerability/CVE-2024-10300,SQL Injection Vulnerability in PHPGurukul Medical Card Generation System,"A serious SQL injection vulnerability has been discovered in the PHPGurukul Medical Card Generation System version 1.0, specifically in the View Enquiry Page component located at /admin/view-enquiry.php. This vulnerability arises from improper handling of the 'viewid' parameter, allowing an attacker to craft malicious input that can manipulate SQL queries executed by the application, potentially exposing sensitive data or allowing unauthorized actions. Remote attackers are able to exploit this vulnerability, raising significant security concerns for users of the system. Immediate attention and patching are recommended to safeguard against potential exploitation.",PHPGurukul,Medical Card Generation System,7.2,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-10-23T20:15:00.000Z,0
CVE-2024-10301,https://securityvulnerability.io/vulnerability/CVE-2024-10301,SQL Injection Vulnerability in PHPGurukul Medical Card Generation System,"A critical security vulnerability has been identified in the PHPGurukul Medical Card Generation System version 1.0. This issue resides in an unknown function within the file /admin/search-medicalcard.php, specifically affecting the Search component. The problem arises due to insufficient input validation, allowing attackers to manipulate the 'searchdata' parameter, which can lead to SQL injection attacks. This vulnerability can be exploited remotely, granting potential intruders unauthorized access to sensitive data stored in the database. The exploit has been publicly disclosed and can be used by malicious actors to compromise the security of affected installations.",PHPGurukul,Medical Card Generation System,7.2,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-10-23T20:15:00.000Z,0
CVE-2024-10298,https://securityvulnerability.io/vulnerability/CVE-2024-10298,SQL Injection Vulnerability in PHPGurukul Medical Card Generation System,"A significant SQL injection vulnerability has been identified in the PHPGurukul Medical Card Generation System version 1.0, specifically affecting the Managecard Edit Card Detail Page located at /admin/edit-card-detail.php. This flaw allows an attacker to manipulate the 'editid' parameter, potentially executing malicious SQL queries against the database. As this vulnerability can be exploited remotely, it poses a serious risk to the confidentiality and integrity of sensitive data managed by the system. Users are urged to implement security measures promptly to mitigate the risks associated with this vulnerability and maintain the security of their medical card administration systems.",PHPgurukul,Medical Card Generation System,7.2,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-10-23T19:15:00.000Z,0
CVE-2024-10299,https://securityvulnerability.io/vulnerability/CVE-2024-10299,SQL Injection Vulnerability in PHPGurukul Medical Card Generation System,"A significant vulnerability has been identified in the PHPGurukul Medical Card Generation System version 1.0, specifically in the Managecard View Detail Page located at /admin/view-card-detail.php. This security flaw allows an attacker to perform SQL injection by manipulating the viewid parameter. The remote nature of this exploit means that attackers can execute unauthorized SQL queries on the backend database, potentially leading to data breaches and system compromise. The vulnerability has been publicly disclosed, raising urgent concerns about the security of systems relying on this application. It's essential for organizations using this software to implement corrective measures immediately to mitigate the risks posed by this vulnerability.",PHPGurukul,Medical Card Generation System,7.2,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2024-10-23T19:15:00.000Z,0
CVE-2024-10297,https://securityvulnerability.io/vulnerability/CVE-2024-10297,SQL Injection Vulnerability in PHPGurukul Medical Card Generation System,"A significant vulnerability has been identified within the PHPGurukul Medical Card Generation System version 1.0. Specifically, an SQL injection vulnerability exists in the Managecard Edit Image Page located at /admin/changeimage.php. The issue arises from improper handling of the 'editid' parameter, allowing attackers to manipulate SQL queries and potentially gain unauthorized access to sensitive data. This vulnerability can be exploited remotely, posing a significant risk to organizations utilizing this system. Publicly disclosed exploits may already be available, underscoring the urgency for users to implement effective remediation measures.",PHPgurukul,Medical Card Generation System,4.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-10296,https://securityvulnerability.io/vulnerability/CVE-2024-10296,PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection,"A SQL injection vulnerability has been identified in the PHPGurukul Medical Card Generation System version 1.0. The issue arises from the manipulation of parameters in the file /admin/card-bwdates-reports-details.php within the Report of Medical Card Page component. This weakness allows attackers to inject malicious SQL queries, potentially compromising the confidentiality and integrity of the database. The vulnerability can be exploited remotely, which raises significant security concerns for users of the system. The exploit details have been made public, increasing the urgency for affected users to implement protective measures.",PHPgurukul,Medical Card Generation System,7.2,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-10-23T17:15:00.000Z,0