cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5361,https://securityvulnerability.io/vulnerability/CVE-2024-5361,SQL Injection Vulnerability in PHPGurukul Zoo Management System,"A critical SQL injection vulnerability exists in the PHPGurukul Zoo Management System version 2.1. This issue arises from improper handling of user input in the /admin/normal-bwdates-reports-details.php file, specifically the 'fromdate' parameter. An attacker can exploit this vulnerability remotely by sending crafted requests to manipulate the database queries. Successful exploitation may lead to unauthorized access to sensitive information or database manipulation. The vulnerability has been publicly disclosed, raising concerns for users and administrators to secure their applications promptly.",PHPgurukul,Zoo Management System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-26T10:00:07.000Z,true,false,false,,2024-05-26T11:00:07.645Z,0
CVE-2024-5360,https://securityvulnerability.io/vulnerability/CVE-2024-5360,SQL Injection Vulnerability in PHPGurukul Zoo Management System,"A critical security vulnerability has been identified within PHPGurukul's Zoo Management System version 2.1. This weakness allows for SQL injection through the manipulation of input within the 'fromdate' parameter in the 'foreigner-bwdates-reports-details.php' file. Attackers can exploit this vulnerability remotely, leading to unauthorized access to database content. This issue has been publicly disclosed, raising concerns over potential data breaches and the integrity of the system’s security.",PHPgurukul,Zoo Management System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-26T09:31:07.000Z,true,false,false,,2024-05-26T10:31:07.466Z,0
CVE-2024-5359,https://securityvulnerability.io/vulnerability/CVE-2024-5359,SQL Injection Vulnerability in PHPGurukul Zoo Management System,"A critical vulnerability has been identified in the PHPGurukul Zoo Management System version 2.1, specifically within the admin interface's foreigner-search.php file. This flaw allows an attacker to manipulate the searchdata argument, which can lead to remote SQL injection attacks. The exploitation of this vulnerability can compromise sensitive database information, making it crucial for users to review their system's security protocols. Public disclosure of the exploit emphasizes the urgent need for immediate mitigation measures.",PHPgurukul,Zoo Management System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-26T09:00:07.000Z,true,false,false,,2024-05-26T10:00:07.564Z,0
CVE-2024-5358,https://securityvulnerability.io/vulnerability/CVE-2024-5358,SQL Injection Vulnerability in PHPGurukul Zoo Management System,"A serious SQL injection vulnerability exists in the PHPGurukul Zoo Management System version 2.1, specifically in the /admin/normal-search.php functionality. By exploiting this flaw, an attacker can manipulate the 'searchdata' argument, enabling them to execute arbitrary SQL queries against the database remotely. This could result in unauthorized access to sensitive data or even complete compromise of the database. Given the public disclosure of this vulnerability, immediate action is recommended for organizations using this software to mitigate potential risks.",PHPgurukul,Zoo Management System,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-26T08:00:18.000Z,true,false,false,,2024-05-26T09:00:18.595Z,0
CVE-2024-5357,https://securityvulnerability.io/vulnerability/CVE-2024-5357,SQL Injection Vulnerability in PHPGurukul Zoo Management System,"A critical SQL injection vulnerability has been identified in the PHPGurukul Zoo Management System version 2.1, specifically within the /admin/forgot-password.php functionality. Attackers can exploit this vulnerability by manipulating the 'email' parameter, allowing for unauthorized SQL queries to be executed. This remote exploit poses significant risks as it can lead to unauthorized access to sensitive data. The vulnerability has been disclosed publicly, making it imperative for users of the affected system to implement immediate security measures to guard against potential attacks.",PHPgurukul,Zoo Management System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-05-26T07:00:08.000Z,true,false,false,,2024-05-26T08:00:08.073Z,0
CVE-2023-41614,https://securityvulnerability.io/vulnerability/CVE-2023-41614,Stored Cross-Site Scripting Vulnerability in Zoo Management System by Unknown Vendor,"A vulnerability exists in the Add Animal Details function of the Zoo Management System version 1.0, enabling attackers to inject arbitrary web scripts or HTML into the Description of Animal parameter. This stored XSS flaw allows malicious users to execute scripts when an unsuspecting administrator or user accesses the affected areas, potentially compromising sensitive data and leading to further attacks.",PHPgurukul,Zoo Management System,4.8,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-09-21T23:15:00.000Z,0
CVE-2023-41615,https://securityvulnerability.io/vulnerability/CVE-2023-41615,SQL Injection Vulnerabilities in Zoo Management System by XYZ Corp,"The Zoo Management System v1.0 is susceptible to multiple SQL injection vulnerabilities found specifically in the Admin sign-in page, exploited through the username and password input fields. Attackers can potentially manipulate the input to execute arbitrary SQL queries, compromising sensitive data and allowing unauthorized access to the system. It is crucial for administrators using this platform to assess their security measures and implement appropriate validation practices to safeguard against such vulnerabilities.",PHPgurukul,Zoo Management System,9.8,CRITICAL,0.0014799999771639705,false,,false,false,false,,,false,false,,2023-09-08T03:15:00.000Z,0
CVE-2022-40925,https://securityvulnerability.io/vulnerability/CVE-2022-40925,Arbitrary File Upload Vulnerability in Zoo Management System by Pushpam,"The Zoo Management System version 1.0 contains a vulnerability that allows attackers to upload arbitrary files through the picture upload feature in the 'save_event' file within the Events module of the system's backend. This flaw can potentially lead to unauthorized code execution and manipulation of the system, posing significant security risks.",PHPgurukul,Zoo Management System,7.2,HIGH,0.0013000000035390258,false,,false,false,false,,,false,false,,2022-09-26T12:04:33.000Z,0
CVE-2022-40924,https://securityvulnerability.io/vulnerability/CVE-2022-40924,Arbitrary File Upload Vulnerability in Zoo Management System by Pushpam,"The Zoo Management System version 1.0 contains a vulnerability allowing arbitrary file uploads through the 'save_animal' feature within the Animals module of the backend management system. This flaw can potentially be exploited to upload malicious files, which may lead to remote code execution and compromise the system's integrity.",PHPgurukul,Zoo Management System,7.2,HIGH,0.0013000000035390258,false,,false,false,false,,,false,false,,2022-09-26T12:03:15.000Z,0
CVE-2022-40932,https://securityvulnerability.io/vulnerability/CVE-2022-40932,Arbitrary File Upload Vulnerability in Zoo Management System by Pushpam,"The Zoo Management System version 1.0 contains a vulnerability that allows an attacker to upload arbitrary files through the picture upload functionality of the 'Gallery' module in the background management system. This flaw could be exploited to execute unauthorized code or give attackers access to sensitive data, making it crucial for users to apply appropriate security measures.",PHPgurukul,Zoo Management System,7.2,HIGH,0.0013000000035390258,false,,false,false,false,,,false,false,,2022-09-22T15:59:43.000Z,0
CVE-2022-33075,https://securityvulnerability.io/vulnerability/CVE-2022-33075,Stored Cross-Site Scripting Vulnerability in Zoo Management System by Zoo,"The Zoo Management System version 1.0 contains a stored XSS vulnerability in its 'Add Classification' function. This flaw permits attackers to inject and execute arbitrary web scripts or HTML code through unspecified vectors, potentially compromising user data and the integrity of the application.",PHPgurukul,Zoo Management System,5.4,MEDIUM,0.0012000000569969416,false,,false,false,true,2022-07-16T10:44:52.000Z,true,false,false,,2022-07-05T17:33:42.000Z,0
CVE-2022-31897,https://securityvulnerability.io/vulnerability/CVE-2022-31897,Cross Site Scripting Vulnerability in SourceCodester Zoo Management System,"The SourceCodester Zoo Management System version 1.0 has a security vulnerability that allows attackers to execute arbitrary scripts in the context of the user's browser. This is achieved through the 'msg' parameter in the register_visitor function, enabling potential attackers to manipulate user sessions and access sensitive information. Proper input validation and sanitization measures must be implemented to mitigate this vulnerability.",PHPgurukul,Zoo Management System,6.1,MEDIUM,0.001930000027641654,false,,false,false,true,2022-07-16T10:55:32.000Z,true,false,false,,2022-06-29T00:41:59.000Z,0
CVE-2022-31914,https://securityvulnerability.io/vulnerability/CVE-2022-31914,Cross-Site Scripting Vulnerability in Zoo Management System by Mikeccltt,"The Zoo Management System v1.0 contains a cross-site scripting vulnerability that can be exploited through the endpoint zms/admin/public_html/save_animal?an_id=24. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising sensitive data and user interactions. Successful exploitation could lead to unauthorized access and manipulation of application data, emphasizing the importance of securing web applications against such vulnerabilities.",PHPgurukul,Zoo Management System,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-16T15:03:10.000Z,0
CVE-2022-27992,https://securityvulnerability.io/vulnerability/CVE-2022-27992,SQL Injection Vulnerability in Zoo Management System by D4rkP0w4r,"The Zoo Management System v1.0 contains a SQL injection vulnerability in the '/public_html/animals' endpoint due to improper handling of the 'class_id' parameter. This flaw allows an attacker to manipulate SQL queries, potentially leading to unauthorized data access and exposure.",PHPgurukul,Zoo Management System,8.8,HIGH,0.0031500000040978193,false,,false,false,false,,,false,false,,2022-04-08T08:23:46.000Z,0
CVE-2022-27351,https://securityvulnerability.io/vulnerability/CVE-2022-27351,Arbitrary File Upload Vulnerability in Zoo Management System by PHPGurukul,"The Zoo Management System v1.0 has been found to have an arbitrary file upload vulnerability that allows attackers to upload and execute malicious PHP files. This issue is accessed through the '/public_html/apply_vacancy' endpoint, enabling unauthorized users to execute arbitrary code on the server. Effective security measures should be implemented to prevent potential exploitation of this vulnerability.",PHPgurukul,Zoo Management System,9.8,CRITICAL,0.16498999297618866,false,,false,false,false,,,false,false,,2022-04-08T08:23:41.000Z,0
CVE-2020-25487,https://securityvulnerability.io/vulnerability/CVE-2020-25487,SQL Injection Vulnerability in PHPGURUKUL Zoo Management System,"The PHPGURUKUL Zoo Management System, specifically version 1.0, is prone to an SQL Injection vulnerability. This issue arises within the animal detail functionality accessible via the zms/animal-detail.php script. Attackers can manipulate SQL queries to gain unauthorized access to sensitive data or execute arbitrary SQL commands. Proper input validation and parameterized queries are critical to mitigate this vulnerability.",PHPgurukul,Zoo Management System,7.8,HIGH,0.0004199999966658652,false,,false,false,true,2020-09-22T16:37:46.000Z,true,false,false,,2020-09-22T16:54:00.000Z,0