cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8142,https://securityvulnerability.io/vulnerability/CVE-2024-8142,Cross Site Scripting Vulnerability in Daily Calories Monitoring Tool,"A cross site scripting (XSS) vulnerability exists in the SourceCodester Daily Calories Monitoring Tool version 1.0 that affects the endpoint /endpoint/delete-calorie.php. Attackers can manipulate the calorie parameter to execute scripts in the context of the user's session. Given that the exploitation can be performed remotely, this vulnerability poses a significant risk to users of the application. It is essential for users and administrators to apply necessary precautions to mitigate these security risks.",Sourcecodester,Daily Calories Monitoring Tool,5.4,MEDIUM,0.0008399999933317304,false,,false,false,true,2024-08-25T01:31:04.000Z,true,false,false,,2024-08-25T02:31:04.486Z,0
CVE-2024-8141,https://securityvulnerability.io/vulnerability/CVE-2024-8141,Cross Site Scripting Vulnerability in Daily Calories Monitoring Tool,"A cross site scripting vulnerability exists in the SourceCodester Daily Calories Monitoring Tool version 1.0, specifically in the /endpoint/add-calorie.php file. This flaw allows an attacker to manipulate the 'calorie_date' and 'calorie_name' parameters, leading to potential execution of malicious scripts in the context of a victim's session. The vulnerability can be exploited remotely, making it crucial for users to apply fixes or mitigations to safeguard against possible exploitation. Public disclosure of this exploit raises awareness about the need for improved security measures in web applications.",Sourcecodester,Daily Calories Monitoring Tool,5.4,MEDIUM,0.000699999975040555,false,,false,false,true,2024-08-25T01:00:04.000Z,true,false,false,,2024-08-25T02:00:04.883Z,0
CVE-2024-40472,https://securityvulnerability.io/vulnerability/CVE-2024-40472,SQL Injection Vulnerability in Daily Calories Monitoring Tool v1.0,"The Daily Calories Monitoring Tool version 1.0 from Sourcecodester is exposed to an SQL Injection vulnerability through the 'delete-calorie.php' script. This flaw allows attackers to manipulate SQL queries by injecting arbitrary code, potentially leading to unauthorized access to sensitive data. Attackers could exploit this vulnerability to extract, modify, or delete records from the database, jeopardizing the integrity and confidentiality of user information. Organizations utilizing this tool must implement appropriate security measures to mitigate the risks associated with this vulnerability.",Sourcecodester,Daily Calories Monitoring Tool,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-12T13:38:00.000Z,0