cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7949,https://securityvulnerability.io/vulnerability/CVE-2024-7949,SQL Injection Vulnerability in SourceCodester Online Graduate Tracer System,"A critical vulnerability has been identified in the SourceCodester Online Graduate Tracer System, impacting versions up to 1.0. This vulnerability is due to improper handling of the request parameter within the file /tracking/admin/fetch_genderit.php, allowing attackers to manipulate SQL queries executed by the application. An attacker can exploit this vulnerability remotely by sending crafted requests, potentially leading to unauthorized access to sensitive data and the ability to compromise the affected system. Given that the exploit has been publicly disclosed, immediate action should be taken to mitigate associated risks.",Sourcecodester,Online Graduate Tracer System,8.8,HIGH,0.0017800000496208668,false,false,false,true,true,false,false,2024-08-20T02:00:06.197Z,0
CVE-2024-7931,https://securityvulnerability.io/vulnerability/CVE-2024-7931,SQL Injection Vulnerability in SourceCodester Online Graduate Tracer System,"A significant SQL injection vulnerability has been disclosed within the SourceCodester Online Graduate Tracer System, particularly affecting version 1.0. This issue arises from improper handling of inputs in the '/tracking/admin/view_csprofile.php' file, where manipulation of the 'id' parameter allows an attacker to execute arbitrary SQL queries. The vulnerability can be triggered remotely, posing a serious security risk to exposed systems. Given its potential for exploitation, it is crucial for administrators to apply immediate remediation measures, such as validating inputs and employing parameterized queries, to safeguard databases from unauthorized access and data breaches. For further information, refer to related resources and advisories.",Sourcecodester,Online Graduate Tracer System,8.8,HIGH,0.001979999942705035,false,false,false,true,true,false,false,2024-08-19T22:15:00.000Z,0
CVE-2024-7845,https://securityvulnerability.io/vulnerability/CVE-2024-7845,SQL Injection Vulnerability in SourceCodester Online Graduate Tracer System,"A significant security flaw has been identified in the SourceCodester Online Graduate Tracer System 1.0, specifically within the file /tracking/admin/fetch_it.php. This vulnerability allows remote attackers to execute SQL injection attacks by manipulating the 'request' argument. If exploited, attackers could gain unauthorized access to the database, compromising sensitive user data and system integrity. The vulnerability has been publicly disclosed, making it imperative for users of this system to take immediate action to secure their applications against potential exploitation.",SourceCodester,Online Graduate Tracer System,7.5,HIGH,0.0006000000284984708,false,false,false,false,,false,false,2024-08-16T02:15:00.000Z,0
CVE-2024-7844,https://securityvulnerability.io/vulnerability/CVE-2024-7844,Cross Site Scripting Vulnerability in Online Graduate Tracer System,"A vulnerability has been identified in SourceCodester Online Graduate Tracer System version 1.0, specifically within the file /tracking/admin/add_acc.php. This issue stems from inadequate validation and insufficient sanitization of input parameters, allowing attackers to manipulate the arguments for name, user, or position. Such manipulation can lead to cross-site scripting (XSS) attacks, enabling external entities to execute malicious scripts within the context of the user's session. The vulnerability can be exploited remotely, and has been publicly disclosed, potentially impacting the security of the application's users.",SourceCodester,Online Graduate Tracer System,5.4,MEDIUM,0.0008800000068731606,false,false,false,false,,false,false,2024-08-15T23:15:00.000Z,0
CVE-2024-7843,https://securityvulnerability.io/vulnerability/CVE-2024-7843,"vulnerability discovered in SourceCodester's Online Graduate Tracer System, could lead to information disclosure","A vulnerability exists within an unspecified function located in the file /tracking/admin/exportcs.php of the SourceCodester Online Graduate Tracer System version 1.0. This security flaw allows for the potential remote manipulation and unauthorized disclosure of sensitive information. With the public disclosure of this vulnerability, attackers may exploit it to expose confidential data, putting users and systems at risk. Immediate action is crucial to safeguard against potential exploitation.",SourceCodester,Online Graduate Tracer System,7.5,HIGH,0.0029200001154094934,false,false,false,false,,false,false,2024-08-15T23:15:00.000Z,0
CVE-2024-7842,https://securityvulnerability.io/vulnerability/CVE-2024-7842,SourceCodester Online Graduate Tracer System Vulnerability: Information Disclosure Risk,"A notable vulnerability within the SourceCodester Online Graduate Tracer System version 1.0 has been identified, specifically affecting the /tracking/admin/export_it.php file. This issue arises due to improper processing, which can lead to unauthorized information disclosure. Malicious actors may exploit this vulnerability remotely, posing a threat to the integrity and confidentiality of data handled by the system. Public disclosure of the exploit has occurred, signaling the urgency for users to assess their security measures.",SourceCodester,Online Graduate Tracer System,7.5,HIGH,0.0029200001154094934,false,false,false,false,,false,false,2024-08-15T22:15:00.000Z,0
CVE-2024-7810,https://securityvulnerability.io/vulnerability/CVE-2024-7810,SQL Injection Vulnerability in SourceCodester Online Graduate Tracer System,"A critical SQL injection vulnerability has been discovered in the SourceCodester Online Graduate Tracer System version 1.0. This vulnerability resides in the file /tracking/admin/view_itprofile.php and can be exploited by manipulating the 'id' argument. Attackers can execute malicious SQL queries by exploiting this flaw remotely, potentially leading to unauthorized access to sensitive data or system compromise. The issue has been publicly disclosed, increasing the risk of attacks. It is imperative for users and organizations utilizing this system to apply necessary patches or mitigations to safeguard against potential exploitation.",Sourcecodester,Online Graduate Tracer System,8.8,HIGH,0.0016400000313296914,false,false,false,true,true,false,false,2024-08-15T02:00:05.833Z,0
CVE-2024-7809,https://securityvulnerability.io/vulnerability/CVE-2024-7809,Graduate Tracer System Vulnerability Exposes Information Remotely,A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,Sourcecodester,Online Graduate Tracer System,5.3,MEDIUM,0.0038799999747425318,false,false,false,true,true,false,false,2024-08-15T01:31:03.857Z,0
CVE-2023-4556,https://securityvulnerability.io/vulnerability/CVE-2023-4556,SourceCodester Online Graduate Tracer System sexit.php mysqli_query sql injection,A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is the function mysqli_query of the file sexit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-238154 is the identifier assigned to this vulnerability.,SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.0014100000262260437,false,false,false,false,,false,false,2023-08-27T07:15:00.000Z,0
CVE-2023-1854,https://securityvulnerability.io/vulnerability/CVE-2023-1854,SourceCodester Online Graduate Tracer System session expiration,"A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224994 is the identifier assigned to this vulnerability.",Sourcecodester,Online Graduate Tracer System,4.7,MEDIUM,0.016419999301433563,false,false,false,false,,false,false,2023-04-05T08:15:00.000Z,0
CVE-2023-1394,https://securityvulnerability.io/vulnerability/CVE-2023-1394,SourceCodester Online Graduate Tracer System bsitemp.php mysqli_query sql injection,"A vulnerability exists in the SourceCodester Online Graduate Tracer System 1.0 that allows an attacker to manipulate the 'id' argument in the mysqli_query function located in the bsitemp.php file. This may lead to unauthorized access and data disclosure via SQL injection attacks. The vulnerability is remotely exploitable and has been publicly disclosed, making it vital for affected users to implement security measures immediately to mitigate potential risks.",SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.0021800000686198473,false,false,false,false,,false,false,2023-03-14T15:15:00.000Z,0
CVE-2023-1309,https://securityvulnerability.io/vulnerability/CVE-2023-1309,SourceCodester Online Graduate Tracer System search_it.php sql injection,"A security flaw exists in the SourceCodester Online Graduate Tracer System 1.0, where improper validation of user input in the admin/search_it.php file allows for SQL injection vulnerabilities. This enables attackers to manipulate input arguments, allowing for unauthorized access to the database and potential exposure of sensitive data. The vulnerability can be exploited remotely, increasing its risk to users. An identifier, VDB-222697, has been assigned to track this issue.",SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.002139999996870756,false,false,false,false,,false,false,2023-03-10T08:15:00.000Z,0
CVE-2023-1310,https://securityvulnerability.io/vulnerability/CVE-2023-1310,SourceCodester Online Graduate Tracer System prof.php sql injection,"A SQL injection vulnerability exists in the SourceCodester Online Graduate Tracer System version 1.0, specifically within the file admin/prof.php. This flaw allows remote attackers to manipulate the 'id' parameter, potentially leading to unauthorized access to sensitive information stored in the database. Given its public disclosure, it is crucial for users of this system to take immediate actions to mitigate the risks associated with this vulnerability.",SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.002139999996870756,false,false,false,false,,false,false,2023-03-10T08:15:00.000Z,0
CVE-2023-1308,https://securityvulnerability.io/vulnerability/CVE-2023-1308,SourceCodester Online Graduate Tracer System adminlog.php sql injection,"An SQL injection vulnerability exists in an unspecified function of the admin/adminlog.php file within the Online Graduate Tracer System 1.0 by SourceCodester. This flaw allows an attacker to manipulate the 'user' argument, potentially enabling remote exploitation. The public disclosure of this vulnerability raises concerns about its accessibility for potential attackers.",SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.002139999996870756,false,false,false,false,,false,false,2023-03-10T08:15:00.000Z,0
CVE-2023-1293,https://securityvulnerability.io/vulnerability/CVE-2023-1293,SourceCodester Online Graduate Tracer System admin_cs.php mysqli_query sql injection,"A vulnerability exists in the SourceCodester Online Graduate Tracer System version 1.0 that allows attackers to execute unauthorized SQL commands through the admin_cs.php file's mysqli_query function. This SQL injection can be exploited remotely, permitting potential manipulation of the database without proper authentication. The complexity associated with exploiting this vulnerability is high, but it has been publicly disclosed, increasing the risk of attack. Users of this system should take immediate action to mitigate exposure.",SourceCodester,Online Graduate Tracer System,8.1,HIGH,0.0017300000181421638,false,false,false,false,,false,false,2023-03-09T15:15:00.000Z,0
CVE-2023-1040,https://securityvulnerability.io/vulnerability/CVE-2023-1040,SourceCodester Online Graduate Tracer System add_acc.php sql injection,"A security issue has been identified in the SourceCodester Online Graduate Tracer System, specifically within the file tracking/admin/add_acc.php. This vulnerability enables attackers to manipulate the 'id' parameter, leading to a SQL injection that can be executed remotely. As the exploit is now public, it is critical for users to apply necessary security measures to safeguard their systems against potential attacks.",SourceCodester,Online Graduate Tracer System,9.8,CRITICAL,0.001930000027641654,false,false,false,false,,false,false,2023-02-26T12:15:00.000Z,0