cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-7134,https://securityvulnerability.io/vulnerability/CVE-2023-7134,SourceCodester Medicine Tracking System path traversal,A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249137 was assigned to this vulnerability.,Sourcecodester,Medicine Tracking System,6.3,MEDIUM,0.0014100000262260437,false,,false,false,false,,,false,false,,2023-12-28T20:16:00.000Z,0
CVE-2023-7123,https://securityvulnerability.io/vulnerability/CVE-2023-7123,SourceCodester Medicine Tracking System sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Medicine Tracking System version 1.0. The flaw resides in the handling of input parameters within the /classes/Master.php file, specifically when processing requests to save medicine. By manipulating the 'id', 'name', or 'description' parameters, an attacker could execute unauthorized SQL commands, potentially compromising the database. This vulnerability can be exploited remotely, which raises significant security concerns. Public disclosure of this exploit means that immediate action should be taken to mitigate the risk.",SourceCodester,Medicine Tracking System,9.8,CRITICAL,0.006039999891072512,false,,false,false,false,,,false,false,,2023-12-28T00:15:00.000Z,0