cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12536,https://securityvulnerability.io/vulnerability/CVE-2024-12536,Kortex Lite Advocate Office Management System 1.0 Vulnerable to Cross-Site Scripting Attacks,"A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/client_data.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",Sourcecodester,Kortex Lite Advocate Office Management System,5.4,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2024-12-12T01:00:15.911Z,0
CVE-2024-7639,https://securityvulnerability.io/vulnerability/CVE-2024-7639,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A severe SQL injection vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System version 1.0. The flaw resides in the delete_act.php file, where improper handling of the 'id' parameter allows remote attackers to execute arbitrary SQL queries against the database. This can lead to unauthorized data access, modification, or even complete system compromise. The vulnerability has been publicly disclosed, heightening the risk for users who have not yet applied recommended security patches or mitigations. It is crucial for organizations utilizing this software to take immediate action to safeguard their systems.",Sourcecodester,Kortex Lite Advocate Office Management System,9.8,CRITICAL,0.0013800000306218863,false,,false,false,true,2024-08-12T12:38:00.000Z,true,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-7638,https://securityvulnerability.io/vulnerability/CVE-2024-7638,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A SQL injection vulnerability has been discovered in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, specifically affecting the delete_client.php file. This security flaw allows attackers to manipulate the 'id' parameter, which can be exploited remotely to execute unauthorized SQL queries. Such vulnerabilities potentially expose sensitive data and compromise the integrity of the system. Quick action is necessary to mitigate risks associated with this vulnerability, particularly for organizations utilizing the affected system.",Sourcecodester,Kortex Lite Advocate Office Management System,9.8,CRITICAL,0.0013800000306218863,false,,false,false,true,2024-08-12T12:38:00.000Z,true,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-7640,https://securityvulnerability.io/vulnerability/CVE-2024-7640,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A critical vulnerability has been discovered in the Kortex Lite Advocate Office Management System version 1.0, specifically within the delete_register.php file. The vulnerability arises from improper handling of the case_register_id parameter, which enables attackers to execute SQL injection attacks. This flaw allows remote attackers to manipulate queries and potentially gain unauthorized access to sensitive data. Immediate action is advised to mitigate the risks associated with this publicly disclosed exploit, as proactive measures are essential in safeguarding your systems against malicious actors.",Sourcecodester,Kortex Lite Advocate Office Management System,9.8,CRITICAL,0.0013800000306218863,false,,false,false,true,2024-08-12T12:38:00.000Z,true,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-7641,https://securityvulnerability.io/vulnerability/CVE-2024-7641,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A significant vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, specifically within the deactivate_act.php file. This vulnerability arises from improper handling of the 'id' parameter, allowing attackers to perform SQL injection attacks. Such manipulation can enable remote attackers to execute unauthorized SQL commands, potentially compromising the application's data integrity and confidentiality. With public disclosure of this exploit, immediate action is recommended to mitigate potential threats.",Sourcecodester,Kortex Lite Advocate Office Management System,9.8,CRITICAL,0.0013800000306218863,false,,false,false,true,2024-08-12T12:38:00.000Z,true,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-7642,https://securityvulnerability.io/vulnerability/CVE-2024-7642,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A significant SQL injection vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability involves the activate_act.php file where the manipulation of the argument 'id' allows for unauthorized access to the database. Attackers can exploit this vulnerability remotely, injecting malicious SQL queries and potentially compromising sensitive data. Public disclosure of this exploit raises urgent concerns regarding the security of systems using this software version. Users of Kortex Lite Advocate Office Management System are advised to take immediate action to mitigate potential risks related to this vulnerability.",Sourcecodester,Kortex Lite Advocate Office Management System,9.8,CRITICAL,0.0013800000306218863,false,,false,false,true,2024-08-12T12:38:00.000Z,true,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-7686,https://securityvulnerability.io/vulnerability/CVE-2024-7686,Cross Site Scripting Vulnerability in Korlex Lite Advocate Office Management System,"A cross site scripting (XSS) vulnerability exists in the register_case.php file of the Kortex Lite Advocate Office Management System 1.0. This vulnerability arises from improper handling of input arguments like title, description, and opposite_lawyer, which can be exploited by attackers to inject malicious scripts into web pages viewed by other users. The exploit can be executed remotely, making it particularly dangerous for users of the affected software. As this vulnerability has been disclosed publicly, malicious actors may leverage it to compromise the security and integrity of the application and its users.",Sourcecodester,Kortex Lite Advocate Office Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-12T00:31:05.000Z,true,false,false,,2024-08-12T01:31:05.475Z,0
CVE-2024-7685,https://securityvulnerability.io/vulnerability/CVE-2024-7685,Cross Site Scripting Vulnerability Affects Kortex Lite Advocate Office Management System,"A significant security issue has been identified in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, specifically within the adds.php file. This vulnerability allows attackers to exploit cross-site scripting (XSS) by manipulating parameters such as name, dob, email, mobile, and address. This exploitation can be carried out remotely, increasing the risk to users and organizations employing this system. Public disclosure of the exploitibility has raised concerns over potential attacks targeting this functionality.",Sourcecodester,Kortex Lite Advocate Office Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-12T00:31:03.000Z,true,false,false,,2024-08-12T01:31:03.841Z,0
CVE-2024-7684,https://securityvulnerability.io/vulnerability/CVE-2024-7684,Cross Site Scripting Vulnerability in Kortex Lite Advocate Office Management System 1.0,"A vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue specifically resides in the add_act.php file, where the manipulation of the 'aname' argument can lead to cross-site scripting (XSS) attacks. This vulnerability creates an opportunity for attackers to execute scripts in the context of a user's session. With the potential for remote exploitation, the vulnerability poses significant risks for users utilizing the affected version of the software. Public disclosures regarding this exploit have raised concerns, emphasizing the need for immediate attention from system administrators.",Sourcecodester,Kortex Lite Advocate Office Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-12T00:00:11.000Z,true,false,false,,2024-08-12T01:00:11.993Z,0
CVE-2024-7683,https://securityvulnerability.io/vulnerability/CVE-2024-7683,Cross-site Scripting Vulnerability in Kortex Lite Advocate Office Management System 1.0,"A cross-site scripting vulnerability is present in the addcase_stage.php file of SourceCodester's Kortex Lite Advocate Office Management System version 1.0. This vulnerability arises due to improper handling of the 'cname' argument, which can be manipulated by attackers to inject malicious scripts. The nature of this vulnerability allows for remote exploitation, making it imperative for users and organizations to implement necessary security measures to safeguard their systems against potential attacks.",Sourcecodester,Kortex Lite Advocate Office Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-12T00:00:10.000Z,true,false,false,,2024-08-12T01:00:10.271Z,0
CVE-2024-6729,https://securityvulnerability.io/vulnerability/CVE-2024-6729,Remote SQL Injection Vulnerability in Kortex Lite Advocate Office Management System,"A SQL injection vulnerability exists in the SourceCodester Kortex Lite Advocate Office Management System 1.0. Specifically, this issue arises from improper validation of the 'aname' parameter in the /control/add_act.php file, allowing attackers to manipulate SQL queries and execute arbitrary commands against the database. This vulnerability can be exploited remotely, enabling unauthorized access and potential data leaks. The exploit has been made public, which increases the risk for organizations using this system to be targeted.",Sourcecodester,Kortex Lite Advocate Office Management System,8.8,HIGH,0.0007600000244565308,false,,false,false,true,2024-07-14T00:00:08.000Z,true,false,false,,2024-07-14T01:00:08.304Z,0
CVE-2024-3621,https://securityvulnerability.io/vulnerability/CVE-2024-3621,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A critical SQL injection vulnerability exists in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, specifically within the /control/register_case.php file. This vulnerability allows remote attackers to manipulate database queries through the injection of crafted parameters such as title, case_no, client_name, court, case_type, case_stage, legal_acts, description, filling_date, hearing_date, opposite_lawyer, total_fees, and unpaid. If successfully executed, this vulnerability could enable attackers to gain unauthorized access to the database, retrieve sensitive information, or alter existing entries. Immediate action is recommended to assess and remediate this vulnerability to protect against potential exploitation.",Sourcecodester,Kortex Lite Advocate Office Management System,7.2,HIGH,0.009829999879002571,false,,false,false,true,2024-04-11T02:31:04.000Z,true,false,false,,2024-04-11T03:31:04.506Z,0
CVE-2024-3620,https://securityvulnerability.io/vulnerability/CVE-2024-3620,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A security vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, located in the /control/adds.php file. The vulnerability allows for SQL injection through manipulation of the parameters such as name, gender, date of birth, email, mobile, and address. This flaw enables attackers to execute arbitrary SQL code, potentially leading to unauthorized access to sensitive data. The vulnerability can be exploited remotely, making it particularly dangerous. Given its public disclosure, it poses an immediate risk to users until a security patch is implemented. Users of the affected system are strongly urged to update their installations to protect against potential malicious exploitation.",Sourcecodester,Kortex Lite Advocate Office Management System,7.2,HIGH,0.014139999635517597,false,,false,false,true,2024-04-11T02:00:06.000Z,true,false,false,,2024-04-11T03:00:06.478Z,0
CVE-2024-3619,https://securityvulnerability.io/vulnerability/CVE-2024-3619,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A serious SQL injection vulnerability has been identified in the SourceCodester Kortex Lite Advocate Office Management System version 1.0. This flaw resides in the /control/addcase_stage.php file, where inadequate input validation allows an attacker to manipulate the 'cname' parameter, leading to unauthorized access to the database. The vulnerability can be exploited remotely, permitting attackers to execute arbitrary SQL code, potentially compromising sensitive information. This vulnerability has been disclosed publicly, increasing the urgency for affected users to apply security patches and protect their systems from potential attacks. For additional technical details and mitigation strategies, refer to the VDB-260275 entry and related resources.",Sourcecodester,Kortex Lite Advocate Office Management System,7.2,HIGH,0.014139999635517597,false,,false,false,true,2024-04-11T02:00:05.000Z,true,false,false,,2024-04-11T03:00:05.077Z,0
CVE-2024-3618,https://securityvulnerability.io/vulnerability/CVE-2024-3618,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A serious SQL injection vulnerability has been discovered in SourceCodester's Kortex Lite Advocate Office Management System version 1.0. The issue resides within an unspecified function in the file /control/activate_case.php, where the manipulation of the 'id' parameter can lead to unauthorized access to the database, enabling remote attackers to execute arbitrary SQL statements. This vulnerability poses a significant risk as it can lead to severe data breaches and unauthorized data manipulation. Due to its public disclosure, immediate action is recommended for organizations utilizing this system to protect their data integrity and prevent exploitation. Security measures should be implemented to filter and validate user inputs effectively.",Sourcecodester,Kortex Lite Advocate Office Management System,7.2,HIGH,0.014139999635517597,false,,false,false,true,2024-04-11T01:31:05.000Z,true,false,false,,2024-04-11T02:31:05.131Z,0
CVE-2024-3617,https://securityvulnerability.io/vulnerability/CVE-2024-3617,SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System,"A critical security vulnerability has been identified in the Kortex Lite Advocate Office Management System version 1.0, developed by SourceCodester. The issue resides in the processing of requests in the deactivate_case.php file, where improper validation allows for SQL injection. Attackers can manipulate the 'id' argument, enabling them to execute unauthorized SQL commands. This vulnerability can be exploited remotely, posing significant risks to users by potentially allowing attackers to gain access to sensitive data or modify database entries. It is imperative for organizations using affected versions of this software to apply security patches or mitigations immediately to protect against possible breaches.",Sourcecodester,Kortex Lite Advocate Office Management System,7.2,HIGH,0.014139999635517597,false,,false,false,true,2024-04-11T01:00:05.000Z,true,false,false,,2024-04-11T02:00:05.385Z,0