cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-9089,https://securityvulnerability.io/vulnerability/CVE-2024-9089,Cross Site Scripting Vulnerability Discovered in Modern Loan Management System,"A security flaw has been identified in the SourceCodester Modern Loan Management System 1.0, specifically within the processing of the update_loan_record.php file. This vulnerability enables the manipulation of the 'amount' argument, leading to potential cross-site scripting attacks. Threat actors can initiate these exploits remotely, posing a risk to the integrity of user data. The vulnerability has been publicly disclosed, and it highlights the importance of prompt remediation and security best practices to protect against such risks.",SourceCodester,Modern Loan Management System,5.4,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-09-23T00:15:00.000Z,0
CVE-2024-9090,https://securityvulnerability.io/vulnerability/CVE-2024-9090,SQL Injection Vulnerability in SourceCodester Modern Loan Management System,"A security vulnerability has been identified in the SourceCodester Modern Loan Management System version 1.0, specifically within the file search_member.php. This vulnerability allows an attacker to manipulate the searchMember argument, resulting in SQL injection attacks. Such vulnerabilities can be exploited remotely, posing a significant risk to environments utilizing this software. Since the exploit information has been publicly disclosed, organizations are urged to assess their systems for this vulnerability and implement necessary security measures to protect against potential database breaches.",SourceCodester,Modern Loan Management System,9.8,CRITICAL,0.0016499999910593033,false,,false,false,false,,,false,false,,2024-09-23T00:15:00.000Z,0