cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-7284,https://securityvulnerability.io/vulnerability/CVE-2024-7284,Cross Site Scripting Vulnerability in Lot Reservation Management System 1.0,"A cross-site scripting flaw has been identified in the SourceCodester Lot Reservation Management System version 1.0 that affects the file /admin/ajax.php when handling the action parameter 'save_settings'. This vulnerability allows attackers to manipulate input data, potentially leading to the execution of arbitrary scripts in the context of the user's browser. The attack can be carried out remotely, making it accessible to malicious actors who may exploit this vulnerability to compromise the security of the affected system. Public disclosure of this vulnerability increases the risk of exploitation, necessitating immediate attention from users and administrators to secure their installations.",Sourcecodester,Lot Reservation Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-07-31T02:00:08.000Z,true,false,false,,2024-07-31T03:00:08.531Z,0
CVE-2024-7283,https://securityvulnerability.io/vulnerability/CVE-2024-7283,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A serious security issue has been identified in the SourceCodester Lot Reservation Management System version 1.0, specifically in the functionality related to the manage_user.php file. This vulnerability arises from improper input validation within the 'id' argument, enabling an attacker to execute SQL injection attacks remotely. By manipulating the 'id' parameter, unauthorized users may gain the ability to execute arbitrary SQL code, compromising the integrity and confidentiality of the database. This flaw poses a significant risk, as it has been publicly disclosed, and could potentially be exploited by malicious actors. Organizations using this system are strongly advised to implement security patches and mitigations to protect their data and infrastructure.",Sourcecodester,Lot Reservation Management System,8.8,HIGH,0.0007300000288523734,false,,false,false,true,2024-07-31T01:31:03.000Z,true,false,false,,2024-07-31T02:31:03.785Z,0
CVE-2024-7282,https://securityvulnerability.io/vulnerability/CVE-2024-7282,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A serious SQL injection vulnerability has been identified in the SourceCodester Lot Reservation Management System version 1.0, specifically within the /admin/manage_model.php file. This vulnerability arises from improper handling of user inputs in the 'id' parameter, allowing malicious actors to execute arbitrary SQL queries against the underlying database. The attack can be carried out remotely, making it critical for organizations using this system to implement immediate security measures to block potential exploitation. Given that details of this vulnerability have been made public, it poses a significant risk to systems reliant on this software. It is recommended that users apply necessary patches and updates to safeguard their applications from potential attacks.",Sourcecodester,Lot Reservation Management System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-07-31T01:00:06.000Z,true,false,false,,2024-07-31T02:00:06.585Z,0
CVE-2024-7281,https://securityvulnerability.io/vulnerability/CVE-2024-7281,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A serious SQL injection vulnerability exists in the SourceCodester Lot Reservation Management System version 1.0. This security flaw is located in the /admin/index.php?page=manage_lot file, where improper handling of the 'id' argument allows attackers to execute arbitrary SQL commands. Exploiting this vulnerability can enable unauthorized remote access to the application, potentially leading to data breaches, unauthorized data manipulation, and other malicious activities. With public disclosure of the exploit, it poses an immediate threat to users of the affected product. It is crucial for users to assess their systems and apply appropriate security measures to mitigate risks.",Sourcecodester,Lot Reservation Management System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-07-31T00:31:03.000Z,true,false,false,,2024-07-31T01:31:03.655Z,0
CVE-2024-7280,https://securityvulnerability.io/vulnerability/CVE-2024-7280,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A significant SQL injection vulnerability exists in the SourceCodester Lot Reservation Management System version 1.0, specifically in the file /admin/view_reserved.php. This flaw arises from inadequate validation of the 'id' parameter, allowing attackers to manipulate database queries. Once exploited, this vulnerability permits unauthorized access to sensitive data and manipulation of backend database operations, potentially leading to critical data breaches. The issue is publicly disclosed and can be exploited remotely, emphasizing the urgent need for patching and securing the application.",Sourcecodester,Lot Reservation Management System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-07-31T00:00:14.000Z,true,false,false,,2024-07-31T01:00:14.310Z,0
CVE-2024-7279,https://securityvulnerability.io/vulnerability/CVE-2024-7279,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A critical SQL injection vulnerability exists in the SourceCodester Lot Reservation Management System version 1.0, specifically within the /admin/ajax.php file during the login action. This flaw allows attackers to manipulate the 'username' parameter, leading to unauthorized SQL command execution. By exploiting this vulnerability remotely, attackers can gain access to sensitive database information, potentially compromising the entire application. As this vulnerability has been publicly disclosed, immediate actions should be taken to mitigate any risks associated with its exploitation. Users of the affected product are strongly advised to apply patches or workarounds provided by SourceCodester.",Sourcecodester,Lot Reservation Management System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-07-30T23:31:03.000Z,true,false,false,,2024-07-31T00:31:03.880Z,0
CVE-2024-7223,https://securityvulnerability.io/vulnerability/CVE-2024-7223,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A critical vulnerability has been detected in the SourceCodester Lot Reservation Management System version 1.0. This security weakness pertains to an unknown functionality within the view_model.php file, where improper handling of input can allow an attacker to manipulate the 'id' argument. Such manipulation opens the door to SQL injection attacks, enabling unauthorized access to the database. This vulnerability can be exploited remotely, posing a significant threat to the integrity of systems utilizing this software. Given its public disclosure, it is crucial for users of the affected system to take immediate action to mitigate risks.",SourceCodester,Lot Reservation Management System,9.8,CRITICAL,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-07-30T08:15:00.000Z,0
CVE-2024-7224,https://securityvulnerability.io/vulnerability/CVE-2024-7224,SQL Injection Vulnerability in SourceCodester Lot Reservation Management System,"A severe SQL injection vulnerability has been identified in the SourceCodester Lot Reservation Management System version 1.0, specifically within the /lot_details.php file. This flaw allows unauthorized manipulation of the 'id' parameter, potentially enabling attackers to execute arbitrary SQL queries against the database. As this vulnerability can be exploited remotely, it poses a significant security risk, particularly if it is publicly disclosed, facilitating easy exploitation. Organizations using this system should prioritize patching and review their security measures to prevent potential breaches.",SourceCodester,Lot Reservation Management System,9.8,CRITICAL,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-07-30T08:15:00.000Z,0