cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-6273,https://securityvulnerability.io/vulnerability/CVE-2024-6273,Cross Site Scripting Vulnerability in Clinic Queuing System 1.0,A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function save_patient of the file patient_side.php. The manipulation of the argument Full Name/Contact/Address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269485 was assigned to this vulnerability.,Sourcecodester,Clinic Queuing System,6.1,MEDIUM,0.00107999995816499,false,,false,false,true,2024-06-23T21:00:05.000Z,true,false,false,,2024-06-23T22:00:05.608Z,0
CVE-2024-0264,https://securityvulnerability.io/vulnerability/CVE-2024-0264,SourceCodester Clinic Queuing System LoginRegistration.php authorization,"The vulnerability in SourceCodester's Clinic Queuing System 1.0 involves an authorization bypass stemming from the manipulation of the formToken argument in the /LoginRegistration.php file. This flaw allows attackers to exploit the system remotely, facilitating unauthorized access to sensitive areas of the application. The potential for remote exploitation raises significant security concerns, especially since the exploit has already been disclosed publicly. Organizations using this version of the Clinic Queuing System should assess their security posture and apply necessary patches or mitigations.",SourceCodester,Clinic Queuing System,9.8,CRITICAL,0.0014600000577047467,false,,false,false,true,2024-01-07T05:15:00.000Z,true,false,false,,2024-01-07T05:15:00.000Z,0
CVE-2024-0265,https://securityvulnerability.io/vulnerability/CVE-2024-0265,SourceCodester Clinic Queuing System GET Parameter index.php file inclusion,"A significant vulnerability has been identified in the SourceCodester Clinic Queuing System, particularly impacting version 1.0. This issue resides within the GET Parameter Handler of the /index.php file, where improper handling of the 'page' argument permits file inclusion vulnerabilities. Unauthorized users can exploit this flaw remotely, potentially leading to unauthorized access and execution of arbitrary code on the server. Given the public disclosure of the exploit, it is crucial for users to assess their systems and apply necessary security measures promptly.",SourceCodester,Clinic Queuing System,8.8,HIGH,0.012799999676644802,false,,false,false,true,2024-01-07T05:15:00.000Z,true,false,false,,2024-01-07T05:15:00.000Z,0