cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10407,https://securityvulnerability.io/vulnerability/CVE-2024-10407,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software 1.0,"A significant SQL injection vulnerability exists in SourceCodester Petrol Pump Management Software version 1.0, specifically related to parameter manipulation within the file /admin/edit_customer.php. By exploiting the vulnerability, attackers can execute arbitrary SQL commands, potentially compromising database integrity and confidentiality. The vulnerability can be exploited remotely, making it a considerable risk for systems running the affected software. Organizations are advised to immediately apply security patches and implement monitoring measures to secure their databases against potential exploitation.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0014799999771639705,false,false,false,true,true,false,false,2024-10-27T00:15:00.000Z,0
CVE-2024-10406,https://securityvulnerability.io/vulnerability/CVE-2024-10406,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A critical SQL injection vulnerability has been identified in the SourceCodester Petrol Pump Management Software version 1.0, specifically within the /admin/edit_fuel.php file. This vulnerability arises from improper handling of user-supplied input, allowing an attacker to manipulate the 'id' parameter. Remote attackers can exploit this flaw to execute arbitrary SQL queries against the application's database, potentially leading to unauthorized data access or manipulation. As the exploit has already been made public, it poses a significant risk to installations of the affected software. Immediate action is recommended to mitigate the associated security risks.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0014799999771639705,false,false,false,true,true,false,false,2024-10-26T22:00:07.269Z,0
CVE-2024-10380,https://securityvulnerability.io/vulnerability/CVE-2024-10380,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A critical vulnerability has been identified in SourceCodester's Petrol Pump Management Software version 1.0, impacting the functionality of the /admin/ajax_product.php file. This vulnerability is characterized by an SQL injection attack that may be initiated remotely, allowing an attacker to manipulate the 'drop_services' parameter. The exposure of this flaw to the public increases the urgency for users to secure their systems, as it could be exploited to gain unauthorized access to sensitive database information.",Sourcecodester,Petrol Pump Management Software,7.5,HIGH,0.0022799998987466097,false,false,false,true,true,false,false,2024-10-25T13:00:07.206Z,0
CVE-2024-10354,https://securityvulnerability.io/vulnerability/CVE-2024-10354,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A critical vulnerability exists in the SourceCodester Petrol Pump Management Software version 1.0, specifically affecting the /admin/print.php file. This flaw allows attackers to manipulate the 'id' argument, leading to a SQL injection attack. The attack can be executed remotely, enabling potential unauthorized access to sensitive data. The vulnerability has been made publicly known, which increases the risk of exploitation, highlighting the urgent need for affected users to apply necessary security measures.",Sourcecodester,Petrol Pump Management Software,4.9,MEDIUM,0.001069999998435378,false,false,false,true,true,false,false,2024-10-25T01:15:00.000Z,0
CVE-2024-10355,https://securityvulnerability.io/vulnerability/CVE-2024-10355,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A SQL injection vulnerability has been identified in the Petrol Pump Management Software version 1.0 by SourceCodester. This security flaw resides in the '/admin/invoice.php' file, where the manipulation of the 'id' parameter can allow an attacker to execute arbitrary SQL queries. This remote exploitation could lead to unauthorized access to the database, enabling potential attackers to retrieve, modify, or delete sensitive data. With the exploit already disclosed, it is imperative for users and administrators of the affected software to apply appropriate mitigations and updates to safeguard against possible attacks.",Sourcecodester,Petrol Pump Management Software,4.9,MEDIUM,0.001449999981559813,false,false,false,true,true,false,false,2024-10-25T01:15:00.000Z,0
CVE-2024-2063,https://securityvulnerability.io/vulnerability/CVE-2024-2063,Cross Site Scripting Vulnerability in Petrol Pump Management Software,"A vulnerability, which was classified as problematic, was found in SourceCodester Petrol Pump Management Software 1.0. Affected is an unknown function of the file /admin/app/profile_crud.php. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-255378 is the identifier assigned to this vulnerability.",Sourcecodester,Petrol Pump Management Software,4.8,MEDIUM,0.0005300000193528831,false,false,false,true,true,false,false,2024-03-01T13:00:10.450Z,0
CVE-2024-2062,https://securityvulnerability.io/vulnerability/CVE-2024-2062,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A critical vulnerability has been identified in SourceCodester Petrol Pump Management Software, specifically in the file /admin/edit_categories.php. This vulnerability allows an attacker to manipulate the 'id' argument, leading to SQL injection attacks. Such vulnerabilities can be exploited remotely, posing significant security risks to the database and the overall integrity of the software. As public details of this exploit have been disclosed, users of this software are advised to take immediate action to mitigate potential threats.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0006900000153109431,false,false,false,true,true,false,false,2024-03-01T13:00:08.948Z,0
CVE-2024-2061,https://securityvulnerability.io/vulnerability/CVE-2024-2061,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A significant security vulnerability has been identified in the Petrol Pump Management Software by SourceCodester. This flaw is found specifically in the file responsible for supplier management (/admin/edit_supplier.php). The vulnerability stems from improper handling of user input, allowing an attacker to manipulate the 'id' parameter. If exploited, this could lead to unauthorized access to the database and potential data leakage. As the exploit is publicly known, it poses a risk for organizations using this software version, emphasizing the need for immediate attention and remediation.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0006900000153109431,false,false,false,true,true,false,false,2024-03-01T12:31:05.367Z,0
CVE-2024-2060,https://securityvulnerability.io/vulnerability/CVE-2024-2060,SQL Injection Vulnerability in SourceCodester Petrol Pump Management Software,"A notable security flaw has been identified in the Petrol Pump Management Software developed by SourceCodester. This vulnerability occurs in the login process, particularly within the file located at /admin/app/login_crud.php. The issue arises from improper handling of the 'email' input parameter, which allows attackers to execute SQL injection attacks. This can result in unauthorized access to sensitive database information. The vulnerability can be exploited remotely, raising significant concerns for system administrators and users. It is crucial for affected users to apply mitigations and updates as soon as possible to safeguard their systems against potential threats.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0006200000061653554,false,false,false,true,true,false,false,2024-03-01T12:31:04.004Z,0
CVE-2024-2059,https://securityvulnerability.io/vulnerability/CVE-2024-2059,Unrestricted File Upload in SourceCodester Petrol Pump Management Software,"A significant vulnerability exists in the SourceCodester Petrol Pump Management Software version 1.0, specifically impacting the service_crud.php file located in the /admin/app/ directory. This flaw allows for the unrestricted upload of files by manipulating the 'photo' argument. Such an exploit can be executed remotely, granting unauthorized users the ability to upload malicious files, which may lead to further attacks or compromise of the server. With the details of this vulnerability publicly disclosed, it is crucial for users and administrators of the affected software to take immediate action to mitigate potential risks.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0011500000255182385,false,false,false,true,true,false,false,2024-03-01T11:31:05.750Z,0
CVE-2024-2058,https://securityvulnerability.io/vulnerability/CVE-2024-2058,Unrestricted File Upload Vulnerability in SourceCodester Petrol Pump Management Software,"A significant vulnerability exists in the Petrol Pump Management Software, specifically related to an insecure feature within the admin panel. The flaw allows for unrestricted file uploads via the product.php file, which can be exploited by remote attackers to upload malicious files. This weakness has been publicly disclosed and may pose severe risks to system integrity and data security. It is imperative for users of the affected software to implement mitigation strategies immediately to defend against potential exploitation.",Sourcecodester,Petrol Pump Management Software,7.2,HIGH,0.0014400000218302011,false,false,false,true,true,false,false,2024-03-01T10:12:20.887Z,0