cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-2678,https://securityvulnerability.io/vulnerability/CVE-2023-2678,SourceCodester File Tracker Manager System POST Parameter save_user.php cross site scripting,A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /file_manager/admin/save_user.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228892.,SourceCodester,File Tracker Manager System,5.4,MEDIUM,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-05-12T10:15:00.000Z,0
CVE-2023-2643,https://securityvulnerability.io/vulnerability/CVE-2023-2643,SourceCodester File Tracker Manager System POST Parameter update_password.php sql injection,"A critical SQL injection vulnerability has been identified in SourceCodester's File Tracker Manager System 1.0. This vulnerability resides in the POST Parameter Handler component, specifically in the file register/update_password.php. By manipulating the new_password parameter, an attacker can execute arbitrary SQL commands, potentially compromising the database. The flaw allows for remote exploitation, making it essential for users to apply relevant patches and take preventative measures to safeguard their systems.",SourceCodester,File Tracker Manager System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-05-11T07:15:00.000Z,0
CVE-2023-1302,https://securityvulnerability.io/vulnerability/CVE-2023-1302,SourceCodester File Tracker Manager System borrow1.php cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1""><script>alert(1111)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222663.",SourceCodester,File Tracker Manager System,6.1,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-03-09T22:15:00.000Z,0
CVE-2023-1294,https://securityvulnerability.io/vulnerability/CVE-2023-1294,SourceCodester File Tracker Manager System POST Parameter login.php sql injection,"A SQL injection vulnerability exists in the File Tracker Manager System 1.0 from SourceCodester, particularly within the POST Parameter Handler component in the file /file_manager/login.php. This flaw allows attackers to manipulate the username parameter, possibly leading to unauthorized access and data exposure. The vulnerability can be exploited remotely, posing significant risks to affected systems. Awareness and prompt remediation are essential to mitigate potential abuse of this publicly disclosed vulnerability.",SourceCodester,File Tracker Manager System,9.8,CRITICAL,0.002309999894350767,false,,false,false,false,,,false,false,,2023-03-09T15:15:00.000Z,0