cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3768,https://securityvulnerability.io/vulnerability/CVE-2024-3768,SQL Injection Vulnerability in PHPGurukul News Portal,"A critical SQL injection vulnerability has been identified in PHPGurukul/itsourcecode News Portal 4.1, specifically in the processing of the `search.php` file. This vulnerability arises from improper handling of the `searchtitle` parameter, allowing an attacker to manipulate SQL queries executed by the application. The exploitation can be executed remotely, posing a significant threat to the integrity and confidentiality of the database. With the exploit publicly disclosed, organizations using this software should take immediate actions to mitigate risks associated with unauthorized data access.",PHPgurukul,News Portal,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-15T02:31:04.000Z,true,false,false,,2024-04-15T03:31:04.399Z,0
CVE-2024-3767,https://securityvulnerability.io/vulnerability/CVE-2024-3767,SQL Injection Vulnerability in PHPGurukul News Portal,"A significant SQL injection vulnerability has been identified in PHPGurukul News Portal version 4.1, specifically within the /admin/edit-post.php file. This flaw allows attackers to manipulate the 'posttitle' parameter, potentially gaining unauthorized access to backend database operations. The vulnerability can be exploited remotely, which poses a serious risk to the integrity and confidentiality of the data handled by the application. Given the disclosure of the exploit to the public, immediate action is recommended to mitigate any risks associated with this vulnerability.",PHPgurukul,News Portal,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-15T02:00:05.000Z,true,false,false,,2024-04-15T03:00:05.339Z,0
CVE-2021-37808,https://securityvulnerability.io/vulnerability/CVE-2021-37808,SQL Injection Vulnerability in News Portal Project by PHP Gurukul,"The News Portal Project 3.1 by PHP Gurukul is susceptible to SQL Injection vulnerabilities through specific parameters including category, subcategory, sucatdescription, and username. Attackers can exploit these vulnerabilities, particularly leveraging MySQL Blind SQL injection techniques that induce time delays in server responses. This allows potential intruders to manipulate database queries and extract sensitive information using tools such as sqlmap.",PHPgurukul,News Portal,5.9,MEDIUM,0.011420000344514847,false,,false,false,false,,,false,false,,2021-10-27T16:21:03.000Z,0