cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-13001,https://securityvulnerability.io/vulnerability/CVE-2024-13001,SQL Injection Vulnerability in PHPGurukul Small CRM 1.0,"An SQL injection vulnerability exists in PHPGurukul Small CRM 1.0, specifically in the handling of the email parameter within the /admin/index.php file. This security flaw allows an attacker to manipulate inputs and execute arbitrary SQL commands via a remote connection, significantly compromising the database security. As this issue has been publicly disclosed, it poses a serious risk to systems running the affected version of the product, making it crucial for administrators to apply appropriate security measures and updates to mitigate potential exploits.",PHPgurukul,Small Crm,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2024-12-29T03:00:13.428Z,0
CVE-2024-13000,https://securityvulnerability.io/vulnerability/CVE-2024-13000,SQL Injection Vulnerability in PHPGurukul Small CRM,"A significant SQL injection vulnerability exists within the PHPGurukul Small CRM version 1.0, specifically in the file '/admin/quote-details.php'. This flaw arises from improper handling of user input, allowing attackers to manipulate the argument 'id'. As a result, an attacker can execute arbitrary SQL commands, potentially compromising the database. The issue can be exploited remotely, making it accessible to unauthorized users. Given its public disclosure, it poses a serious threat to systems utilizing this software, emphasizing the urgent need for remediation and patching.",PHPgurukul,Small Crm,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2024-12-29T02:31:05.299Z,0
CVE-2024-12999,https://securityvulnerability.io/vulnerability/CVE-2024-12999,SQL Injection Vulnerability in PHPGurukul Small CRM Product,"A security vulnerability exists within the PHPGurukul Small CRM version 1.0, specifically in the /admin/edit-user.php file. This flaw arises from improper handling of the 'id' argument, allowing for SQL injection attacks. Such vulnerabilities can enable malicious actors to execute arbitrary SQL commands, potentially compromising the underlying database and its integrity. The risk is heightened as this exploit can be initiated remotely, making it crucial for users and administrators to address this issue promptly to safeguard their data and application functionality.",PHPgurukul,Small Crm,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2024-12-29T02:15:00.000Z,0
CVE-2024-3691,https://securityvulnerability.io/vulnerability/CVE-2024-3691,SQL Injection Vulnerability in PHPGurukul Small CRM Registration Page,"A critical SQL injection vulnerability has been identified in the registration page of PHPGurukul Small CRM version 3.0. This security issue allows attackers to execute arbitrary SQL queries remotely, potentially leading to unauthorized data access or manipulation. The vulnerability stems from improper handling of user input, which fails to sanitize data, making it susceptible to SQL injection attacks. With the exploit now publicly disclosed, organizations utilizing this CRM are urged to implement immediate security measures, including updating to a patched version, to mitigate the risk of exploitation.",PHPgurukul,Small Crm,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-12T14:31:04.000Z,true,false,false,,2024-04-12T15:31:04.866Z,0
CVE-2024-3690,https://securityvulnerability.io/vulnerability/CVE-2024-3690,SQL Injection Vulnerability in PHPGurukul Small CRM Change Password Functionality,"A critical vulnerability has been identified in PHPGurukul's Small CRM version 3.0, specifically in the Change Password Handler component. The flaw allows an attacker to execute SQL injection attacks, enabling unauthorized database access and manipulation. This vulnerability can be exploited remotely, making it essential for organizations to take immediate action to safeguard their systems. As the exploit method has been disclosed publicly, proactive measures should be implemented to mitigate potential risks.",PHPgurukul,Small Crm,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-12T14:00:05.000Z,true,false,false,,2024-04-12T15:00:05.672Z,0