cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10768,https://securityvulnerability.io/vulnerability/CVE-2024-10768,Cross Site Scripting Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/two_tables.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,5.4,MEDIUM,0.0007600000244565308,false,,false,false,true,2024-11-04T18:31:06.000Z,true,false,false,,2024-11-04T18:31:06.063Z,0
CVE-2024-10757,https://securityvulnerability.io/vulnerability/CVE-2024-10757,Cross-Site Scripting (XSS) Vulnerability in /admin/assets/plugins/DataTables/media/unit_testing/templates/js_data.php,"A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/js_data.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T03:00:12.000Z,true,false,false,,2024-11-04T03:00:12.075Z,0
CVE-2024-10756,https://securityvulnerability.io/vulnerability/CVE-2024-10756,Cross-Site Scripting (XSS) Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/html_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T03:00:09.000Z,true,false,false,,2024-11-04T03:00:09.262Z,0
CVE-2024-10755,https://securityvulnerability.io/vulnerability/CVE-2024-10755,Cross Site Scripting Vulnerability Discovered in PHPGurukul Online Shopping Portal 2.0,A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. Affected is an unknown function of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/empty_table.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T02:31:08.000Z,true,false,false,,2024-11-04T02:31:08.131Z,0
CVE-2024-10754,https://securityvulnerability.io/vulnerability/CVE-2024-10754,Cross Site Scripting Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dymanic_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T02:31:05.000Z,true,false,false,,2024-11-04T02:31:05.519Z,0
CVE-2024-10753,https://securityvulnerability.io/vulnerability/CVE-2024-10753,Remote Cross-Site Scripting Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-11-04T02:00:08.000Z,true,false,false,,2024-11-04T02:00:08.516Z,0
CVE-2024-10746,https://securityvulnerability.io/vulnerability/CVE-2024-10746,Cross Site Scripting Vulnerability Discovered in PHPGurukul Online Shopping Portal 2.0,A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T00:15:00.000Z,true,false,false,,2024-11-04T00:15:00.000Z,0
CVE-2024-10747,https://securityvulnerability.io/vulnerability/CVE-2024-10747,Cross Site Scripting Vulnerability Found in PHPGurukul Online Shopping Portal 2.0,"A vulnerability identified within the PHPGurukul Online Shopping Portal version 2.0 involves improper handling of arguments in the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. This weakness enables attackers to execute cross site scripting (XSS) attacks, allowing the manipulation of user inputs via remote exploitation. The potential for unauthorized access and data manipulation poses a significant security risk, as the exploit has been disclosed and may be leveraged by malicious actors. Safeguarding against this vulnerability requires immediate attention to secure coding practices and implementing updates to the affected product.",PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-04T00:15:00.000Z,true,false,false,,2024-11-04T00:15:00.000Z,0
CVE-2024-10745,https://securityvulnerability.io/vulnerability/CVE-2024-10745,Cross Site Scripting Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-03T23:15:00.000Z,true,false,false,,2024-11-03T23:15:00.000Z,0
CVE-2024-10744,https://securityvulnerability.io/vulnerability/CVE-2024-10744,Cross Site Scripting Vulnerability in PHPGurukul Online Shopping Portal,A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-03T22:31:05.000Z,true,false,false,,2024-11-03T22:31:05.571Z,0
CVE-2024-10743,https://securityvulnerability.io/vulnerability/CVE-2024-10743,Cross Site Scripting Vulnerability in PHPGurukul Online Shopping Portal 2.0,A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.,PHPgurukul,Online Shopping Portal,6.1,MEDIUM,0.0010100000072270632,false,,false,false,true,2024-11-03T21:31:05.000Z,true,false,false,,2024-11-03T21:31:05.719Z,0
CVE-2024-9326,https://securityvulnerability.io/vulnerability/CVE-2024-9326,SQL Injection Vulnerability in PHPGurukul Online Shopping Portal Admin Panel,"A significant vulnerability has been discovered in the PHPGurukul Online Shopping Portal 2.0, impacting the Admin Panel specifically in the file located at /shopping/admin/index.php. The issue arises from improper handling of user-supplied input in the username field, which makes it susceptible to SQL injection attacks. Threat actors can exploit this weakness remotely, allowing them to manipulate the database queries and potentially gain unauthorized access to sensitive information. Given that this vulnerability has already been publicly disclosed, it poses a serious risk to users and administrators who are urged to secure their systems against potential exploitation.",PHPgurukul,Online Shopping Portal,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-11-27T23:49:54.000Z,true,false,false,,2024-09-29T08:00:09.100Z,0
CVE-2023-38890,https://securityvulnerability.io/vulnerability/CVE-2023-38890,SQL Injection Vulnerability in Online Shopping Portal Project 3.1,"The Online Shopping Portal Project 3.1 suffers from a vulnerability that allows remote attackers to perform SQL Injection attacks through insufficient validation of user-supplied input in the login form. By exploiting this flaw, attackers can execute arbitrary SQL queries, leading to unauthorized access to sensitive data and potential manipulation of the database. Proper input validation and sanitation must be implemented to mitigate this critical security risk. For more details, visit the official reference at GitHub.",PHPgurukul,Online Shopping Portal,8.8,HIGH,0.0037799999117851257,false,,false,false,true,2023-08-18T16:37:39.000Z,true,false,false,,2023-08-18T00:00:00.000Z,0
CVE-2023-37772,https://securityvulnerability.io/vulnerability/CVE-2023-37772,SQL Injection Vulnerability in Online Shopping Portal Project v3.1 by PHP Gurukul,"An SQL injection vulnerability has been identified in version 3.1 of the Online Shopping Portal Project by PHP Gurukul. This flaw occurs through the Email parameter within the /shopping/login.php endpoint, allowing unauthorized users to manipulate database queries. Exploiting this vulnerability could potentially lead to the exposure of sensitive information or unauthorized access to backend databases, threatening the integrity and confidentiality of user data.",PHPgurukul,Online Shopping Portal,8.8,HIGH,0.0019000000320374966,false,,false,false,true,2023-07-27T18:48:10.000Z,true,false,false,,2023-08-01T01:15:00.000Z,0
CVE-2023-3605,https://securityvulnerability.io/vulnerability/CVE-2023-3605,PHPGurukul Online Shopping Portal Registration Page excessive authentication,A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233467.,PHPgurukul,Online Shopping Portal,6.5,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2023-07-10T20:15:00.000Z,0
CVE-2021-46110,https://securityvulnerability.io/vulnerability/CVE-2021-46110,Multiple Time-Based SQL Injection Vulnerabilities in Online Shopping Portal by Online Shopping Portal,"The Online Shopping Portal v3.1 has been identified to have multiple vulnerabilities that allow for time-based SQL injection through the email and contactno parameters. This flaw could enable attackers to execute unauthorized SQL commands, potentially leading to data leakage or manipulation. It is crucial for users of this software to apply the necessary updates and patches to mitigate the risks associated with these vulnerabilities.",PHPgurukul,Online Shopping Portal,9.8,CRITICAL,0.0026700000744313,false,,false,false,false,,,false,false,,2022-02-18T20:10:04.000Z,0
CVE-2021-37807,https://securityvulnerability.io/vulnerability/CVE-2021-37807,SQL Injection Vulnerability in Online Shopping Portal by PhpGurukul,"The Online Shopping Portal 3.1 by PhpGurukul contains an SQL Injection vulnerability that affects the '/check_availability.php' endpoint. By manipulating the 'email' parameter, an unauthorized user can potentially access sensitive data or perform unauthorized actions within the system. This issue allows for the exploitation of the database through crafted inputs, underscoring the importance of validating and sanitizing user inputs to enhance the security posture of the application.",PHPgurukul,Online Shopping Portal,7.5,HIGH,0.005640000104904175,false,,false,false,false,,,false,false,,2021-10-27T16:06:21.000Z,0