cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1363,https://securityvulnerability.io/vulnerability/CVE-2023-1363,SourceCodester Computer Parts Sales and Inventory System Add User Account cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222870 is the identifier assigned to this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-03-13T06:15:00.000Z,0
CVE-2023-1351,https://securityvulnerability.io/vulnerability/CVE-2023-1351,SourceCodester Computer Parts Sales and Inventory System cust_transac.php sql injection,"A security flaw has been identified in the SourceCodester Computer Parts Sales and Inventory System version 1.0, specifically within the cust_transac.php file. The vulnerability occurs due to improper handling of the 'phonenumber' parameter, allowing remote attackers to execute SQL injection attacks. This can potentially lead to unauthorized access to sensitive data, making it a critical concern for system administrators. The exploit has been made publicly available, urging users to address the issue promptly.",SourceCodester,Computer Parts Sales and Inventory System,9.8,CRITICAL,0.007670000195503235,false,,false,false,false,,,false,false,,2023-03-11T12:15:00.000Z,0
CVE-2023-1179,https://securityvulnerability.io/vulnerability/CVE-2023-1179,SourceCodester Computer Parts Sales and Inventory System Add Supplier cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument company_name/province/city/phone_number leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222330 is the identifier assigned to this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,5.4,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2023-03-05T10:15:00.000Z,0
CVE-2023-1130,https://securityvulnerability.io/vulnerability/CVE-2023-1130,SourceCodester Computer Parts Sales and Inventory System processlogin sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Computer Parts Sales and Inventory System 1.0, affecting how user input is processed in the 'processlogin' file. This flaw allows an attacker to manipulate input, potentially leading to unauthorized access to confidential data. The vulnerability can be exploited remotely, posing a significant risk to the integrity and confidentiality of sensitive information. Security measures must be implemented to mitigate the risk and protect against potential exploitation of this vulnerability.",SourceCodester,Computer Parts Sales and Inventory System,9.8,CRITICAL,0.0041600000113248825,false,,false,false,false,,,false,false,,2023-03-01T20:15:00.000Z,0
CVE-2023-1131,https://securityvulnerability.io/vulnerability/CVE-2023-1131,SourceCodester Computer Parts Sales and Inventory System customer.php cross site scripting,A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222106 is the identifier assigned to this vulnerability.,SourceCodester,Computer Parts Sales and Inventory System,6.1,MEDIUM,0.0017399999778717756,false,,false,false,false,,,false,false,,2023-03-01T20:15:00.000Z,0