cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2068,https://securityvulnerability.io/vulnerability/CVE-2024-2068,Cross Site Scripting Vulnerability in Computer Inventory System 1.0,A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255383.,Sourcecodester,Computer Inventory System,6.1,MEDIUM,0.0005699999746866524,false,,false,false,true,2024-03-01T15:31:04.000Z,true,false,false,,2024-03-01T15:31:04.368Z,0
CVE-2024-2067,https://securityvulnerability.io/vulnerability/CVE-2024-2067,SQL Injection Vulnerability in SourceCodester Computer Inventory System,"The SourceCodester Computer Inventory System version 1.0 contains a SQL injection vulnerability in the '/endpoint/delete-computer.php' file. This issue arises from improper handling of user input in the 'computer' argument, allowing attackers to manipulate SQL queries and potentially access sensitive data. This vulnerability can be exploited remotely, increasing its risk profile, as it can be targeted without physical access to the system. Publicly disclosed exploits make this a significant concern for organizations utilizing this software, necessitating immediate action to secure their installations.",Sourcecodester,Computer Inventory System,9.8,CRITICAL,0.0007300000288523734,false,,false,false,true,2024-03-01T15:00:08.000Z,true,false,false,,2024-03-01T15:00:08.086Z,0
CVE-2024-2066,https://securityvulnerability.io/vulnerability/CVE-2024-2066,Cross Site Scripting Vulnerability in Computer Inventory System 1.0,A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-255381 was assigned to this vulnerability.,Sourcecodester,Computer Inventory System,6.1,MEDIUM,0.0005699999746866524,false,,false,false,true,2024-03-01T14:31:05.000Z,true,false,false,,2024-03-01T14:31:05.926Z,0
CVE-2023-1363,https://securityvulnerability.io/vulnerability/CVE-2023-1363,SourceCodester Computer Parts Sales and Inventory System Add User Account cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222870 is the identifier assigned to this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-03-13T06:15:00.000Z,0
CVE-2023-1351,https://securityvulnerability.io/vulnerability/CVE-2023-1351,SourceCodester Computer Parts Sales and Inventory System cust_transac.php sql injection,"A security flaw has been identified in the SourceCodester Computer Parts Sales and Inventory System version 1.0, specifically within the cust_transac.php file. The vulnerability occurs due to improper handling of the 'phonenumber' parameter, allowing remote attackers to execute SQL injection attacks. This can potentially lead to unauthorized access to sensitive data, making it a critical concern for system administrators. The exploit has been made publicly available, urging users to address the issue promptly.",SourceCodester,Computer Parts Sales and Inventory System,9.8,CRITICAL,0.007670000195503235,false,,false,false,false,,,false,false,,2023-03-11T12:15:00.000Z,0
CVE-2023-1179,https://securityvulnerability.io/vulnerability/CVE-2023-1179,SourceCodester Computer Parts Sales and Inventory System Add Supplier cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument company_name/province/city/phone_number leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222330 is the identifier assigned to this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,5.4,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2023-03-05T10:15:00.000Z,0
CVE-2023-1131,https://securityvulnerability.io/vulnerability/CVE-2023-1131,SourceCodester Computer Parts Sales and Inventory System customer.php cross site scripting,A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222106 is the identifier assigned to this vulnerability.,SourceCodester,Computer Parts Sales and Inventory System,6.1,MEDIUM,0.0017399999778717756,false,,false,false,false,,,false,false,,2023-03-01T20:15:00.000Z,0
CVE-2023-1130,https://securityvulnerability.io/vulnerability/CVE-2023-1130,SourceCodester Computer Parts Sales and Inventory System processlogin sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Computer Parts Sales and Inventory System 1.0, affecting how user input is processed in the 'processlogin' file. This flaw allows an attacker to manipulate input, potentially leading to unauthorized access to confidential data. The vulnerability can be exploited remotely, posing a significant risk to the integrity and confidentiality of sensitive information. Security measures must be implemented to mitigate the risk and protect against potential exploitation of this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,9.8,CRITICAL,0.0041600000113248825,false,,false,false,false,,,false,false,,2023-03-01T20:15:00.000Z,0