cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4920,https://securityvulnerability.io/vulnerability/CVE-2024-4920,Unrestricted File Upload Vulnerability in SourceCodester Online Discussion Forum Site,"A vulnerability affecting the SourceCodester Online Discussion Forum Site version 1.0 has been identified, leading to unrestricted file upload due to improper handling of user input in the registerH.php script. This vulnerability allows attackers to remotely execute arbitrary code by uploading malicious files without adequate validation checks. As this issue has been made publicly known, it poses a significant risk to users and administrators, who are advised to apply necessary security measures immediately to mitigate the potential for exploitation.",SourceCodester,Online Discussion Forum Site,9.8,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-05-16T00:15:00.000Z,0
CVE-2024-2690,https://securityvulnerability.io/vulnerability/CVE-2024-2690,Unrestricted File Upload Vulnerability in SourceCodester Online Discussion Forum Site 1.0,A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argument ima leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257388.,Sourcecodester,Online Discussion Forum Site,6.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-03-20T10:00:06.000Z,true,false,false,,2024-03-20T10:00:06.860Z,0
CVE-2023-3150,https://securityvulnerability.io/vulnerability/CVE-2023-3150,SourceCodester Online Discussion Forum Site manage_post.php sql injection,"A SQL injection vulnerability exists in the manage_post.php file of the SourceCodester Online Discussion Forum Site 1.0. This flaw allows attackers to manipulate the 'id' argument, potentially enabling the execution of unauthorized SQL queries. Remote exploitation is possible, making this a serious concern. The vulnerability has been publicly disclosed, raising the likelihood of targeted attacks. For further details, visit the VDB-231019 entry.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.002730000065639615,false,,false,false,false,,,false,false,,2023-06-07T18:15:00.000Z,0
CVE-2023-3152,https://securityvulnerability.io/vulnerability/CVE-2023-3152,SourceCodester Online Discussion Forum Site view_post.php sql injection,"A significant vulnerability exists in the SourceCodester Online Discussion Forum Site 1.0, specifically in the admin/posts/view_post.php file. This vulnerability allows for SQL injection attacks, which can be exploited remotely. Once exploited, attackers can manipulate database queries, potentially leading to unauthorized access or data manipulation. The existence of this vulnerability has been made public, increasing the urgency for users to secure their installations.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.002730000065639615,false,,false,false,false,,,false,false,,2023-06-07T18:15:00.000Z,0
CVE-2023-3151,https://securityvulnerability.io/vulnerability/CVE-2023-3151,SourceCodester Online Discussion Forum Site manage_user.php sql injection,"A vulnerability in the SourceCodester Online Discussion Forum Site version 1.0 allows for SQL injection through manipulation of the 'id' argument in the user/manage_user.php file. This security flaw can be exploited remotely and poses significant risks as it may lead to unauthorized database access. The exploit has been publicly disclosed, increasing its potential for exploitation.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.002730000065639615,false,,false,false,false,,,false,false,,2023-06-07T18:15:00.000Z,0
CVE-2023-3149,https://securityvulnerability.io/vulnerability/CVE-2023-3149,SourceCodester Online Discussion Forum Site manage_user.php sql injection,"A SQL injection vulnerability has been identified in the Online Discussion Forum Site version 1.0 by SourceCodester. The vulnerability resides in the 'manage_user.php' file, where improper input validation allows attackers to manipulate the 'id' argument. This can lead to unauthorized SQL commands being executed in the database, potentially exposing sensitive data or allowing remote attackers to gain administrative access. The exploit has been publicly disclosed, making it crucial for users and administrators to apply necessary security measures to mitigate the risk.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.002730000065639615,false,,false,false,false,,,false,false,,2023-06-07T17:15:00.000Z,0
CVE-2023-3148,https://securityvulnerability.io/vulnerability/CVE-2023-3148,SourceCodester Online Discussion Forum Site manage_post.php sql injection,"A SQL injection vulnerability exists in the SourceCodester Online Discussion Forum Site 1.0, specifically affecting the processing of the 'id' parameter in the 'admin/posts/manage_post.php' file. This flaw allows an attacker to manipulate SQL queries by injecting malicious code, potentially compromising the database. The exploit can be executed remotely, raising concerns for web security. The issue has been publicly disclosed, highlighting the urgency for affected users to address the vulnerability promptly.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.002730000065639615,false,,false,false,false,,,false,false,,2023-06-07T17:15:00.000Z,0
CVE-2023-3147,https://securityvulnerability.io/vulnerability/CVE-2023-3147,SourceCodester Online Discussion Forum Site view_category.php sql injection,"A SQL Injection vulnerability exists in the SourceCodester Online Discussion Forum Site version 1.0 through the manipulation of the 'id' argument in the admin/categories/view_category.php file. This weakness allows attackers to execute arbitrary SQL commands on the database remotely, potentially leading to unauthorized access to sensitive information. The exploit has been publicly disclosed, heightening the risk for affected installations.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.003289999905973673,false,,false,false,false,,,false,false,,2023-06-07T16:15:00.000Z,0
CVE-2023-3146,https://securityvulnerability.io/vulnerability/CVE-2023-3146,SourceCodester Online Discussion Forum Site manage_category.php sql injection,"A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\categories\manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231015.",Sourcecodester,Online Discussion Forum Site,6.3,MEDIUM,0.003229999914765358,false,,false,false,false,,,false,false,,2023-06-07T16:15:00.000Z,0
CVE-2023-3143,https://securityvulnerability.io/vulnerability/CVE-2023-3143,SourceCodester Online Discussion Forum Site manage_post.php cross site scripting,A vulnerability classified as problematic has been found in SourceCodester Online Discussion Forum Site 1.0. Affected is an unknown function of the file admin\posts\manage_post.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231012.,SourceCodester,Online Discussion Forum Site,5.4,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-06-07T15:15:00.000Z,0
CVE-2023-3145,https://securityvulnerability.io/vulnerability/CVE-2023-3145,SourceCodester Online Discussion Forum Site sql injection,"A vulnerability has been identified in SourceCodester's Online Discussion Forum Site 1.0, where improper handling of user input in the registration functionality of the Users.php file allows remote attackers to execute SQL injection attacks. This can enable unauthorized access to the underlying database, potentially leading to data compromise or manipulation. Given the nature of the flaw, it is crucial for users to implement recommended security measures promptly.",SourceCodester,Online Discussion Forum Site,8.8,HIGH,0.003229999914765358,false,,false,false,false,,,false,false,,2023-06-07T15:15:00.000Z,0
CVE-2023-3144,https://securityvulnerability.io/vulnerability/CVE-2023-3144,SourceCodester Online Discussion Forum Site manage_post.php cross site scripting,A vulnerability classified as problematic was found in SourceCodester Online Discussion Forum Site 1.0. Affected by this vulnerability is an unknown functionality of the file admin\posts\manage_post.php. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231013 was assigned to this vulnerability.,SourceCodester,Online Discussion Forum Site,5.4,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-06-07T15:15:00.000Z,0