cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1566,https://securityvulnerability.io/vulnerability/CVE-2023-1566,SourceCodester Medical Certificate Generator App action.php sql injection,"A vulnerability in the SourceCodester Medical Certificate Generator App version 1.0 allows for SQL injection via the manipulation of the 'id' parameter in the action.php file. This flaw permits remote attackers to execute arbitrary SQL commands, potentially exposing sensitive data or compromising the application's integrity. Prompt remediation is essential, as the exploit has been made public, increasing the risk of exploitation.",SourceCodester,Medical Certificate Generator App,9.8,CRITICAL,0.0018500000005587935,false,,false,false,false,,,false,false,,2023-03-22T14:15:00.000Z,0
CVE-2023-1006,https://securityvulnerability.io/vulnerability/CVE-2023-1006,SourceCodester Medical Certificate Generator App New Record cross site scripting,"A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been classified as problematic. This affects an unknown part of the component New Record Handler. The manipulation of the argument Firstname/Middlename/Lastname/Suffix/Nationality/Doctor Fullname/Doctor Suffix with the input ""><script>prompt(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-221739.",SourceCodester,Medical Certificate Generator App,5.4,MEDIUM,0.0014700000174343586,false,,false,false,false,,,false,false,,2023-02-24T09:15:00.000Z,0
CVE-2023-0774,https://securityvulnerability.io/vulnerability/CVE-2023-0774,SourceCodester Medical Certificate Generator App action.php sql injection,"A significant SQL injection vulnerability exists in SourceCodester's Medical Certificate Generator App 1.0, specifically in the handling of user-supplied input through the `lastname` argument in the `action.php` file. This vulnerability allows attackers to manipulate SQL queries, potentially leading to unauthorized access to the database. The exploit can be executed remotely, making it a serious risk for users. Public disclosure of this vulnerability raises concerns regarding its exploitation in the wild.",SourceCodester,Medical Certificate Generator App,9.8,CRITICAL,0.0018500000005587935,false,,false,false,false,,,false,false,,2023-02-10T12:15:00.000Z,0
CVE-2023-0707,https://securityvulnerability.io/vulnerability/CVE-2023-0707,SourceCodester Medical Certificate Generator App function.php delete_record sql injection,"A security flaw has been identified in the SourceCodester Medical Certificate Generator App 1.0, where improper validation in the delete_record function located in function.php allows an attacker to execute SQL injection attacks. By manipulating the argument id, unauthorized users can compromise the backend database, leading to potential exposure of sensitive data and disruption of service. It is crucial for users of the application to take remedial measures to safeguard against this vulnerability.",SourceCodester,Medical Certificate Generator App,9.8,CRITICAL,0.0014400000218302011,false,,false,false,false,,,false,false,,2023-02-07T13:15:00.000Z,0
CVE-2023-0706,https://securityvulnerability.io/vulnerability/CVE-2023-0706,SourceCodester Medical Certificate Generator App manage_record.php sql injection,"A vulnerability exists within the SourceCodester Medical Certificate Generator App 1.0 that enables remote SQL injection through manipulated parameters in the manage_record.php file. Attackers can exploit this flaw to execute arbitrary SQL queries, potentially leading to unauthorized data access and manipulation. This security issue highlights the need for developers to validate user input effectively and implement secure coding practices to protect against injection attacks.",SourceCodester,Medical Certificate Generator App,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-02-07T10:15:00.000Z,0