cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2393,https://securityvulnerability.io/vulnerability/CVE-2024-2393,SQL Injection Vulnerability in SourceCodester CRUD Framework,"A significant vulnerability has been identified in the SourceCodester CRUD without Page Reload 1.0 framework, particularly in the add_user.php file. This issue arises from improper validation of user-supplied data, specifically in the 'city' input parameter, which allows for SQL injection attacks. Exploitation of this vulnerability enables remote attackers to manipulate database queries executed by the application, potentially leading to unauthorized data access or manipulation. The exploit has been publicly disclosed, and it is essential for users of this framework to apply necessary precautions and updates to mitigate potential risks.",Sourcecodester,Crud Without Page Reload,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-03-12T13:00:08.000Z,true,false,false,,2024-03-12T13:00:08.002Z,0
CVE-2024-1215,https://securityvulnerability.io/vulnerability/CVE-2024-1215,CRUD without Page Reload Vulnerable to Cross-Site Scripting,A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file fetch_data.php. The manipulation of the argument username/city leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252782 is the identifier assigned to this vulnerability.,SourceCodester,CRUD without Page Reload,6.1,MEDIUM,0.0006300000241026282,false,,false,false,true,2024-02-03T15:31:03.000Z,true,false,false,,2024-02-03T15:31:03.720Z,0