cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-2962,https://securityvulnerability.io/vulnerability/CVE-2023-2962,SourceCodester Faculty Evaluation System sql injection,"A vulnerability exists within the SourceCodester Faculty Evaluation System 1.0 that allows attackers to exploit the 'id' argument in the file index.php?page=edit_user, leading to SQL injection attacks. This security flaw enables unauthorized remote access, potentially compromising sensitive data stored in the database. With the public disclosure of the exploit, it is crucial to address this vulnerability promptly to mitigate the risk of exploitation.",SourceCodester,Faculty Evaluation System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-05-29T14:15:00.000Z,0
CVE-2023-2367,https://securityvulnerability.io/vulnerability/CVE-2023-2367,SourceCodester Faculty Evaluation System manage_academic.php sql injection,"A vulnerability has been identified in the SourceCodester Faculty Evaluation System version 1.0, specifically affecting the /admin/manage_academic.php file. This vulnerability arises from improper handling of the 'id' parameter, which allows an attacker to manipulate SQL queries, leading to unauthorized access to the database. The exploitation of this weakness can be conducted remotely, making it a significant threat to the application's integrity and data confidentiality. Given that the exploit has been publicly disclosed, organizations using this software are urged to take immediate action to mitigate potential risks.",Sourcecodester,Faculty Evaluation System,4.7,MEDIUM,0.0026400000788271427,false,,false,false,true,2023-04-28T13:15:00.000Z,true,false,false,,2023-04-28T13:15:00.000Z,0
CVE-2023-2368,https://securityvulnerability.io/vulnerability/CVE-2023-2368,SourceCodester Faculty Evaluation System sql injection,"A security flaw exists in SourceCodester's Faculty Evaluation System 1.0, specifically within the code handling the index.php?page=manage_questionnaire file. By manipulating the 'id' parameter, an attacker could execute arbitrary SQL queries, effectively compromising the application's database. This vulnerability can be exploited remotely, allowing potential attackers to retrieve sensitive data or manipulate the database without the need for prior authentication. The exploit's details have been publicly available, raising concerns about the ongoing risk for users of this application.",SourceCodester,Faculty Evaluation System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-28T13:15:00.000Z,0
CVE-2023-2369,https://securityvulnerability.io/vulnerability/CVE-2023-2369,SourceCodester Faculty Evaluation System manage_restriction.php sql injection,A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/manage_restriction.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227645 was assigned to this vulnerability.,Sourcecodester,Faculty Evaluation System,4.7,MEDIUM,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-28T13:15:00.000Z,0
CVE-2023-2365,https://securityvulnerability.io/vulnerability/CVE-2023-2365,SourceCodester Faculty Evaluation System sql injection,"An SQL injection vulnerability has been identified in the SourceCodester Faculty Evaluation System 1.0 due to improper handling of the 'id' parameter in the ajax.php?action=delete_subject file. This flaw allows remote attackers to execute arbitrary SQL commands, potentially compromising the underlying database and exposing sensitive information. The exploit is publicly disclosed, indicating a real risk for users of this system.",SourceCodester,Faculty Evaluation System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-28T12:15:00.000Z,0
CVE-2023-2366,https://securityvulnerability.io/vulnerability/CVE-2023-2366,SourceCodester Faculty Evaluation System sql injection,"A security vulnerability exists in SourceCodester's Faculty Evaluation System version 1.0, specifically in the ajax.php file where the action 'delete_class' is executed. An attacker can manipulate the 'id' argument, allowing for SQL injection attacks. This flaw enables an unauthorized user to execute malicious SQL queries, potentially leading to data exposure or manipulation. Given that this vulnerability can be exploited remotely, it poses significant risks to users and institutions relying on this system. Immediate attention is required to implement patches or mitigate this risk.",SourceCodester,Faculty Evaluation System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-28T12:15:00.000Z,0