cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-2155,https://securityvulnerability.io/vulnerability/CVE-2023-2155,SourceCodester Air Cargo Management System cross site scripting,A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file classes/Master.php?f=save_cargo_type. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226276.,Sourcecodester,Air Cargo Management System,2.4,LOW,0.000910000002477318,false,,false,false,true,2023-04-18T15:15:00.000Z,true,false,false,,2023-04-18T15:15:00.000Z,0
CVE-2023-1856,https://securityvulnerability.io/vulnerability/CVE-2023-1856,SourceCodester Air Cargo Management System GET Parameter track_shipment.php sql injection,"A SQL injection vulnerability exists in the SourceCodester Air Cargo Management System, specifically within the GET parameter handler of the file /admin/transactions/track_shipment.php. This vulnerability can be exploited remotely by manipulating the 'id' argument, allowing an attacker to execute arbitrary SQL commands. The potential for unauthorized access to the database poses significant risks, highlighting the need for immediate remediation to safeguard sensitive data.",SourceCodester,Air Cargo Management System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1740,https://securityvulnerability.io/vulnerability/CVE-2023-1740,SourceCodester Air Cargo Management System GET Parameter manage_user.php sql injection,"A vulnerability exists in the Air Cargo Management System, specifically in the GET Parameter Handler of the manage_user.php file. This flaw allows an attacker to manipulate the 'id' argument, leading to SQL injection. This could enable remote attackers to execute unauthorized SQL commands, compromising the database and potentially exposing sensitive information. Publicly disclosed exploits make this vulnerability a significant threat, emphasizing the need for immediate security measures.",SourceCodester,Air Cargo Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-03-30T21:15:00.000Z,0
CVE-2023-1564,https://securityvulnerability.io/vulnerability/CVE-2023-1564,SourceCodester Air Cargo Management System GET Parameter update_status.php sql injection,"A security flaw has been identified in the Air Cargo Management System 1.0 from SourceCodester, related to the file admin/transactions/update_status.php. This vulnerability allows for SQL injection through manipulation of the 'id' parameter, enabling remote attacks that compromise database integrity. The exploit has been publicly disclosed, exposing systems to potential threats, underscoring the need for immediate remediation to safeguard sensitive data.",SourceCodester,Air Cargo Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-03-22T13:15:00.000Z,0