cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10413,https://securityvulnerability.io/vulnerability/CVE-2024-10413,Unrestricted File Upload Vulnerability in SourceCodester Online Hotel Reservation System,"A serious security flaw exists within the SourceCodester Online Hotel Reservation System, specifically in version 1.0, where the 'upload' function in '/guest/update.php' is susceptible to unrestricted file uploads. This vulnerability allows attackers to upload malicious files without adequate validation, potentially leading to unauthorized remote code execution. The exploit can be executed remotely, raising significant concerns for any installations of this system as it compromises the application's integrity and data security. Awareness and prompt action are crucial to mitigate the risks associated with this vulnerability.",Sourcecodester,Online Hotel Reservation System,9.8,CRITICAL,0.0035699999425560236,false,false,false,true,true,false,false,2024-10-27T09:31:04.379Z,0
CVE-2024-10411,https://securityvulnerability.io/vulnerability/CVE-2024-10411,SQL Injection Vulnerability in SourceCodester Online Hotel Reservation System,"A significant vulnerability has been discovered in the SourceCodester Online Hotel Reservation System version 1.0, specifically within the functions doCancelRoom, doCancel, doConfirm, doCancel, doCheckin, and doCheckout in the controller.php file located in the admin module. This vulnerability permits an attacker to manipulate the id argument, leading to potential SQL injection. With the ability to execute this attack remotely, the disclosure of exploit details to the public highlights an urgent need for affected users to implement immediate security measures to protect their systems from unauthorized access or data breaches.",Sourcecodester,Online Hotel Reservation System,7.2,HIGH,0.0014799999771639705,false,false,false,true,true,false,false,2024-10-27T05:00:05.336Z,0
CVE-2024-10410,https://securityvulnerability.io/vulnerability/CVE-2024-10410,Unrestricted File Upload Vulnerability in SourceCodester Online Hotel Reservation System,"A severe security vulnerability has been identified in SourceCodester's Online Hotel Reservation System, specifically in the file upload functionality of the controller.php script used in the admin interface. The flaw allows attackers to upload arbitrary files by manipulating the 'image' argument without any restrictions. This exploitation can be initiated remotely, potentially leading to significant consequences like unauthorized access or execution of malicious scripts on the server. Users of version 1.0 are especially at risk and should take immediate action to mitigate this vulnerability before it can be exploited. For detailed insights and strategies to protect your application, refer to the provided resources.",Sourcecodester,Online Hotel Reservation System,7.2,HIGH,0.0021699999924749136,false,false,false,true,true,false,false,2024-10-27T03:31:05.066Z,0