cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-9008,https://securityvulnerability.io/vulnerability/CVE-2024-9008,SQL Injection Vulnerability in SourceCodester Best Online News Portal,"A significant security vulnerability has been identified in the SourceCodester Best Online News Portal, version 1.0, specifically within the Comment Section functionality located in the /news-details.php file. The vulnerability arises from improper handling of the 'name' argument, which can be exploited through SQL injection techniques. This allows attackers to execute arbitrary SQL commands against the underlying database, leading to potential data breaches or corruption. The exploit can be initiated remotely, making it imperative for users of this software to take immediate action to secure their systems. For further details and mitigation strategies, refer to the relevant cybersecurity resources.",Sourcecodester,Best Online News Portal,9.8,CRITICAL,0.0016499999910593033,false,,false,false,true,2024-09-19T22:15:00.000Z,true,false,false,,2024-09-19T23:15:00.000Z,0
CVE-2024-5985,https://securityvulnerability.io/vulnerability/CVE-2024-5985,SQL Injection Vulnerability in SourceCodester Best Online News Portal,"A critical SQL injection vulnerability has been identified in the SourceCodester Best Online News Portal version 1.0, specifically within the /admin/index.php file. The flaw arises from improper handling of the username parameter, allowing attackers to inject malicious SQL queries. This vulnerability can be exploited remotely, potentially leading to unauthorized access to sensitive data stored in the database. Given that the exploit has been publicly disclosed, it is essential for users and administrators of this product to apply mitigation strategies promptly. Regularly updating your software and employing web application firewalls are critical steps in defending against such threats.",Sourcecodester,Best Online News Portal,8.8,HIGH,0.0014799999771639705,false,,false,false,true,2024-06-14T01:00:04.000Z,true,false,false,,2024-06-14T02:00:04.892Z,0
CVE-2023-1962,https://securityvulnerability.io/vulnerability/CVE-2023-1962,SourceCodester Best Online News Portal POST Parameter forgot-password.php sql injection,"A vulnerability exists in the Best Online News Portal 1.0 due to improper handling of the 'username' parameter in the /admin/forgot-password.php file. This flaw allows an attacker to manipulate the POST request and perform SQL injection, potentially gaining unauthorized access to sensitive data. The exploit can be executed remotely, posing significant security risks to users of the affected product. Awareness of this vulnerability is crucial due to its public disclosure, making it essential for administrators to implement protective measures promptly.",Sourcecodester,Best Online News Portal,7.3,HIGH,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-09T08:15:00.000Z,0
CVE-2023-0785,https://securityvulnerability.io/vulnerability/CVE-2023-0785,SourceCodester Best Online News Portal check_availability.php information exposure,A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file check_availability.php. The manipulation of the argument username leads to exposure of sensitive information through data queries. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220645 was assigned to this vulnerability.,SourceCodester,Best Online News Portal,3.7,LOW,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-02-12T08:15:00.000Z,0
CVE-2023-0784,https://securityvulnerability.io/vulnerability/CVE-2023-0784,SourceCodester Best Online News Portal Login Page sql injection,"A vulnerability has been discovered in SourceCodester's Best Online News Portal 1.0, specifically within the Login Page component. An attacker could exploit this vulnerability through manipulation of the username argument, leading to SQL injection. This flaw allows for remote exploitation, presenting significant security risks as the exploit has already been disclosed publicly. It is crucial for users of the affected product to take necessary precautions and implement mitigation strategies.",SourceCodester,Best Online News Portal,9.8,CRITICAL,0.0021800000686198473,false,,false,false,false,,,false,false,,2023-02-12T08:15:00.000Z,0