cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10414,https://securityvulnerability.io/vulnerability/CVE-2024-10414,Cross Site Scripting Vulnerability in PHPGurukul Vehicle Record System 1.0,"A vulnerability, which was classified as problematic, was found in PHPGurukul Vehicle Record System 1.0. This affects an unknown part of the file /admin/edit-brand.php. The manipulation of the argument Brand Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter ""phone_number"" to be affected. But this might be a mistake because the textbox field label is ""Brand Name"".",PHPgurukul,Vehicle Record System,4.8,MEDIUM,0.0007800000021234155,false,,false,false,true,2024-10-27T10:31:05.000Z,true,false,false,,2024-10-27T10:31:05.206Z,0
CVE-2024-10331,https://securityvulnerability.io/vulnerability/CVE-2024-10331,SQL Injection Vulnerability in PHPGurukul Vehicle Record System,"A serious SQL injection vulnerability has been identified in PHPGurukul's Vehicle Record System version 1.0, specifically within the /admin/search-vehicle.php file. This security flaw arises from improper processing of the 'searchinputdata' parameter, which can be manipulated to execute arbitrary SQL commands. As a result, attackers can exploit this vulnerability remotely, potentially leading to unauthorized access to the database and exposure of sensitive information. Given the public disclosure of the exploit, it is crucial for users of the affected software to implement immediate security measures to mitigate this risk.",PHPgurukul,Vehicle Record System,8.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2024-10-24T11:00:07.775Z,0