cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-7196,https://securityvulnerability.io/vulnerability/CVE-2024-7196,Vulnerability in SourceCodester Complaints Report Management System 1.0 Allows for Remote SQL Injection,"A vulnerability exists within the SourceCodester Complaints Report Management System version 1.0 that facilitates SQL injection attacks via the /admin/ajax.php?action=login endpoint. By manipulating the 'username' parameter, attackers can infiltrate the database remotely, exposing sensitive data and potentially compromising system integrity. The nature of this vulnerability has been publicly disclosed, highlighting its significance and the urgency for remediation measures to prevent exploitation.",SourceCodester,Complaints Report Management System,9.8,CRITICAL,0.000699999975040555,false,,false,false,false,,,false,false,,2024-07-29T11:15:00.000Z,0
CVE-2023-2243,https://securityvulnerability.io/vulnerability/CVE-2023-2243,SourceCodester Complaint Management System POST Parameter registration.php sql injection,"A SQL injection vulnerability was identified in the SourceCodester Complaint Management System 1.0. The issue arises from improper handling of the 'fullname' parameter within the 'users/registration.php' file. An attacker could exploit this flaw remotely, potentially allowing for unauthorized access to the database and manipulation of data. Given that the exploit has been publicly disclosed, it is crucial for users of this system to assess their vulnerability and implement necessary security measures to mitigate risks.",SourceCodester,Complaint Management System,8.8,HIGH,0.003229999914765358,false,,false,false,false,,,false,false,,2023-04-22T17:15:00.000Z,0
CVE-2023-2153,https://securityvulnerability.io/vulnerability/CVE-2023-2153,SourceCodester Complaint Management System POST Parameter editable_ajax.php cross site scripting,A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php of the component POST Parameter Handler. The manipulation of the argument value with the input 1><script>alert(666)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-226274 is the identifier assigned to this vulnerability.,SourceCodester,Complaint Management System,6.1,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2023-04-18T14:15:00.000Z,0
CVE-2023-2089,https://securityvulnerability.io/vulnerability/CVE-2023-2089,SourceCodester Complaint Management System GET Parameter userprofile.php sql injection,"A security flaw has been identified in the SourceCodester Complaint Management System 1.0 that allows attackers to perform SQL Injection via the uid parameter in the /admin/userprofile.php file. This vulnerability may enable unauthorized remote access to manipulate the database, potentially leading to sensitive information leakage or data manipulation. As the exploit is publicly disclosed, it poses a significant threat and users are advised to implement security measures immediately.",SourceCodester,Complaint Management System,8.8,HIGH,0.0021800000686198473,false,,false,false,false,,,false,false,,2023-04-15T08:15:00.000Z,0
CVE-2023-1984,https://securityvulnerability.io/vulnerability/CVE-2023-1984,SourceCodester Complaint Management System POST Parameter check_availability.php sql injection,A vulnerability classified as critical was found in SourceCodester Complaint Management System 1.0. This vulnerability affects unknown code of the file /users/check_availability.php of the component POST Parameter Handler. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225532.,Sourcecodester,Complaint Management System,6.3,MEDIUM,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-11T18:15:00.000Z,0
CVE-2020-24932,https://securityvulnerability.io/vulnerability/CVE-2020-24932,SQL Injection Vulnerability in Sourcecodester Complaint Management System,"An SQL Injection vulnerability exists in the Sourcecodester Complaint Management System 1.0. This flaw is triggered through the 'cid' parameter in the complaint-details.php file, allowing attackers to manipulate SQL queries. Exploiting this vulnerability could enable unauthorized access to sensitive data and may result in data breach incidents, which could severely compromise the integrity and confidentiality of the affected application.",Sourcecodester,Complaint Management System,9.8,CRITICAL,0.003169999923557043,false,,false,false,false,,,false,false,,2021-10-27T13:57:02.000Z,0