cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-0281,https://securityvulnerability.io/vulnerability/CVE-2023-0281,SourceCodester Online Flight Booking Management System judge_panel.php sql injection,"A vulnerability has been identified in the SourceCodester Online Flight Booking Management System, specifically related to the file judge_panel.php. This issue stems from improper handling of the argument subevent_id, leading to a SQL injection vulnerability. Attackers can exploit this weakness remotely to manipulate database queries. Given that this exploit has been publicly disclosed, it poses a significant risk, and users of the affected system should take immediate action to mitigate potential threats.",SourceCodester,Online Flight Booking Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-01-13T10:15:00.000Z,0
CVE-2023-0283,https://securityvulnerability.io/vulnerability/CVE-2023-0283,SourceCodester Online Flight Booking Management System POST Parameter review_search.php sql injection,"A SQL injection vulnerability has been discovered in the SourceCodester Online Flight Booking Management System, specifically within the review_search.php file related to the POST Parameter Handler. By manipulating the txtsearch argument, an attacker can exploit this vulnerability remotely, allowing them to execute unauthorized SQL queries. This loophole exposes sensitive data and enables a full compromise of the database. The potential for exploitation has been publicly disclosed, thus raising concerns for users and administrators of the affected system.",SourceCodester,Online Flight Booking Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-01-13T10:15:00.000Z,0
CVE-2023-0245,https://securityvulnerability.io/vulnerability/CVE-2023-0245,SourceCodester Online Flight Booking Management System add_contestant.php sql injection,"A vulnerability has been identified in the SourceCodester Online Flight Booking Management System, specifically affecting the file add_contestant.php. This flaw allows an attacker to manipulate the argument add_contestant, leading to SQL injection attacks. Such vulnerabilities enable unauthorized access to the database, posing a risk of sensitive data exposure. The attack can be performed remotely, and the details of the exploit have been made public, highlighting the urgent need for users to update to the latest secured versions.",SourceCodester,Online Flight Booking Management System,9.8,CRITICAL,0.0021800000686198473,false,,false,false,false,,,false,false,,2023-01-12T15:15:00.000Z,0