cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10422,https://securityvulnerability.io/vulnerability/CVE-2024-10422,SQL Injection Vulnerability in SourceCodester Attendance and Payroll System,"A critical SQL injection vulnerability has been identified in SourceCodester Attendance and Payroll System version 1.0. This vulnerability arises from improper handling of user input in the /admin/overtime_add.php file, specifically through the manipulation of the 'id' argument. Attackers can exploit this flaw remotely, leading to unauthorized access to the database and potential extraction or alteration of sensitive data. The vulnerability has been publicly disclosed, highlighting the urgency for affected organizations to implement necessary security measures and update their systems. For more details, you can refer to the vulnerability database and advisories.",Sourcecodester,Attendance And Payroll System,9.8,CRITICAL,0.003599999938160181,false,false,false,true,true,false,false,2024-10-27T17:31:05.110Z,0
CVE-2024-10421,https://securityvulnerability.io/vulnerability/CVE-2024-10421,SQL Injection Vulnerability in SourceCodester Attendance and Payroll System,"A serious SQL injection vulnerability has been identified in SourceCodester's Attendance and Payroll System version 1.0. This security flaw is located in the overtime_row.php file and is triggered by manipulating the 'id' argument, allowing attackers to execute unauthorized SQL commands remotely. Given the nature of this vulnerability, it poses a significant risk to data integrity and confidentiality, making it crucial for users to apply recommended security measures immediately. Comprehensive remediation strategies should be employed to mitigate the potential impact of an exploit.",Sourcecodester,Attendance And Payroll System,9.8,CRITICAL,0.0016599999507889152,false,false,false,true,true,false,false,2024-10-27T17:00:07.072Z,0
CVE-2024-10420,https://securityvulnerability.io/vulnerability/CVE-2024-10420,File Upload Vulnerability in SourceCodester Attendance and Payroll System,"A serious file upload vulnerability has been identified in the SourceCodester Attendance and Payroll System version 1.0. The flaw exists due to inadequate validation of user inputs in the file upload feature located in update.php. The vulnerability allows unauthenticated attackers to upload malicious files, which could lead to remote code execution and full system compromise. This security issue has been made publicly known, increasing the risk of exploitation. Organizations using this software should prioritize patching or mitigating the vulnerability to protect their systems against potential attacks.",Sourcecodester,Attendance And Payroll System,9.8,CRITICAL,0.0035699999425560236,false,false,false,true,true,false,false,2024-10-27T15:31:04.852Z,0