cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-7099,https://securityvulnerability.io/vulnerability/CVE-2023-7099,PHPGurukul Nipah Virus Testing Management System bwdates-report-result.php sql injection,"A SQL injection vulnerability exists within the PHPGurukul Nipah Virus Testing Management System version 1.0, specifically affecting the processing of the 'fromdate' argument in the file 'bwdates-report-result.php'. This security flaw allows for remote attackers to manipulate the arguments, potentially leading to unauthorized access to the database. The vulnerability has been disclosed publicly, emphasizing the importance of applying security patches and mitigation measures to protect against possible exploitation.",PHPGurukul,Nipah Virus Testing Management System,9.8,CRITICAL,0.0014400000218302011,false,,false,false,false,,,false,false,,2023-12-25T03:15:00.000Z,0
CVE-2023-6648,https://securityvulnerability.io/vulnerability/CVE-2023-6648,PHPGurukul Nipah Virus Testing Management System password-recovery.php sql injection,"A security flaw in PHPGurukul's Nipah Virus Testing Management System (version 1.0) allows attackers to exploit the password-recovery.php file through SQL injection. By manipulating the username parameter, an attacker can execute arbitrary SQL queries, potentially compromising the database and retrieving sensitive information. This vulnerability can be exploited remotely, making it critical for users to implement patches and safeguards immediately to secure their systems against unauthorized access.",PHPGurukul,Nipah Virus Testing Management System,9.8,CRITICAL,0.0014299999456852674,false,,false,false,false,,,false,false,,2023-12-10T09:15:00.000Z,0
CVE-2023-6474,https://securityvulnerability.io/vulnerability/CVE-2023-6474,PHPGurukul Nipah Virus Testing Management System manage-phlebotomist.php cross-site request forgery,A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file manage-phlebotomist.php. The manipulation of the argument pid leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246640.,PHPGurukul,Nipah Virus Testing Management System,6.5,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-12-03T00:15:00.000Z,0
CVE-2023-6465,https://securityvulnerability.io/vulnerability/CVE-2023-6465,PHPGurukul Nipah Virus Testing Management System registered-user-testing.php cross site scripting,A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615.,PHPgurukul,Nipah Virus Testing Management System,4.3,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-12-02T12:15:00.000Z,0
CVE-2023-6442,https://securityvulnerability.io/vulnerability/CVE-2023-6442,PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting,A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246445 was assigned to this vulnerability.,PHPGurukul,Nipah Virus Testing Management System,5.4,MEDIUM,0.0013899999903514981,false,,false,false,false,,,false,false,,2023-11-30T21:15:00.000Z,0
CVE-2023-6402,https://securityvulnerability.io/vulnerability/CVE-2023-6402,PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php sql injection,"A SQL injection vulnerability exists in the PHPGurukul Nipah Virus Testing Management System version 1.0, specifically affecting the add-phlebotomist.php file. This vulnerability arises from improper handling of the 'empid' parameter, allowing remote attackers to manipulate SQL queries. The public disclosure of this exploit increases the risk of unauthorized database access, compromising sensitive information and the integrity of the system.",PHPGurukul,Nipah Virus Testing Management System,8.8,HIGH,0.0015699999639764428,false,,false,false,false,,,false,false,,2023-11-30T15:15:00.000Z,0
CVE-2023-6297,https://securityvulnerability.io/vulnerability/CVE-2023-6297,PHPGurukul Nipah Virus Testing Management System Search Report Page patient-search-report.php cross site scripting,A vulnerability classified as problematic has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file patient-search-report.php of the component Search Report Page. The manipulation of the argument Search By Patient Name with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246123.,PHPGurukul,Nipah Virus Testing Management System,6.1,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-11-26T23:15:00.000Z,0
CVE-2023-5804,https://securityvulnerability.io/vulnerability/CVE-2023-5804,PHPGurukul Nipah Virus Testing Management System login.php sql injection,"A SQL injection vulnerability exists in the login.php file of the PHPGurukul Nipah Virus Testing Management System version 1.0. This vulnerability allows an attacker to manipulate the username argument, enabling unauthorized access to the database. Due to its design, the vulnerability is accessible remotely, which raises significant security concerns for users of this web application. Administrators are encouraged to implement immediate patching and conduct a thorough security review to mitigate potential risks.",PHPGurukul,Nipah Virus Testing Management System,9.8,CRITICAL,0.0014100000262260437,false,,false,false,false,,,false,false,,2023-10-26T20:15:00.000Z,0
CVE-2023-46583,https://securityvulnerability.io/vulnerability/CVE-2023-46583,Cross-Site Scripting Vulnerability in PHPGurukul Testing Management System,"A Cross-Site Scripting (XSS) vulnerability exists in PHPGurukul's Testing Management System version 1.0 that allows attackers to inject malicious payloads into the State field. If exploited, this vulnerability can enable attackers to execute arbitrary code, potentially compromising user data and application integrity. It is crucial for users of this system to implement necessary security measures and updates to mitigate the risks associated with this flaw.",PHPgurukul,Nipah Virus Testing Management System,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-10-25T00:00:00.000Z,0
CVE-2023-46584,https://securityvulnerability.io/vulnerability/CVE-2023-46584,SQL Injection Vulnerability in PHPGurukul Testing Management System,"A SQL Injection vulnerability exists in the PHPGurukul Nipah virus Testing Management System v.1.0, which allows remote attackers to escalate privileges through a specially crafted request sent to the new-user-testing.php endpoint. Exploiting this vulnerability could enable unauthorized users to gain access to sensitive functions and data within the application, posing a substantial security risk.",PHPgurukul,Nipah Virus Testing Management System,9.8,CRITICAL,0.002520000096410513,false,,false,false,false,,,false,false,,2023-10-25T00:00:00.000Z,0