cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1379,https://securityvulnerability.io/vulnerability/CVE-2023-1379,SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter addmem.php sql injection,"An SQL injection vulnerability has been identified in the SourceCodester Friendly Island Pizza Website and Ordering System version 1.0. This security flaw arises from improper handling of POST parameters, specifically in the addmem.php file, where manipulation of the 'firstname' argument can allow unauthorized users to execute arbitrary SQL queries. Given that this vulnerability can be exploited remotely, it poses a significant risk to the integrity and confidentiality of the application’s data. Prompt remediation is essential to safeguard against potential attacks.",SourceCodester,Friendly Island Pizza Website and Ordering System,9.8,CRITICAL,0.002859999891370535,false,,false,false,false,,,false,false,,2023-03-15T16:15:00.000Z,0
CVE-2023-1418,https://securityvulnerability.io/vulnerability/CVE-2023-1418,SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter cashconfirm.php cross site scripting,A vulnerability classified as problematic was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the argument transactioncode leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223129 was assigned to this vulnerability.,SourceCodester,Friendly Island Pizza Website and Ordering System,6.1,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-03-15T16:15:00.000Z,0
CVE-2023-1378,https://securityvulnerability.io/vulnerability/CVE-2023-1378,SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter paypalsuccess.php sql injection,"A SQL injection vulnerability exists within the Friendly Island Pizza Website and Ordering System, specifically in the paypalsuccess.php file's POST Parameter Handler. This flaw arises from improper handling of the 'cusid' argument, allowing attackers to manipulate SQL queries. This exploitation can be conducted remotely, posing a significant risk to the integrity of the database and sensitive user information. Public disclosure of the vulnerability has raised concerns, emphasizing the need for prompt security measures to mitigate potential attacks.",SourceCodester,Friendly Island Pizza Website and Ordering System,9.8,CRITICAL,0.0026599999982863665,false,,false,false,false,,,false,false,,2023-03-13T18:15:00.000Z,0
CVE-2023-1311,https://securityvulnerability.io/vulnerability/CVE-2023-1311,SourceCodester Friendly Island Pizza Website and Ordering System GET Parameter large.php sql injection,"A vulnerability was discovered in the Friendly Island Pizza Website and Ordering System 1.0, specifically in the GET Parameter Handler located in large.php. An attacker can exploit this SQL injection vulnerability by manipulating the 'id' parameter, potentially allowing unauthorized access to the database. This vulnerability can be triggered remotely, making it critical for users to implement preventive measures promptly. The exploit has been publicly disclosed, increasing the urgency for systems using this software to secure their applications.",SourceCodester,Friendly Island Pizza Website and Ordering System,9.8,CRITICAL,0.0026599999982863665,false,,false,false,false,,,false,false,,2023-03-10T08:15:00.000Z,0
CVE-2023-1301,https://securityvulnerability.io/vulnerability/CVE-2023-1301,SourceCodester Friendly Island Pizza Website and Ordering System GET Parameter deleteorder.php sql injection,"The Friendly Island Pizza Website and Ordering System version 1.0 has a vulnerability in its file deleteorder.php, which is part of the GET Parameter Handler. An attacker can manipulate the 'id' parameter to execute SQL injection attacks remotely, potentially compromising the database. This exploit has been made public and poses a risk to users of this system.",SourceCodester,Friendly Island Pizza Website and Ordering System,9.8,CRITICAL,0.0026599999982863665,false,,false,false,false,,,false,false,,2023-03-09T22:15:00.000Z,0