cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3365,https://securityvulnerability.io/vulnerability/CVE-2024-3365,Cross Site Scripting Vulnerability in Online Library System 1.0,A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument user_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259469 was assigned to this vulnerability.,Sourcecodester,Online Library System,5.4,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-06T09:15:00.000Z,true,false,false,,2024-04-06T10:15:00.000Z,0
CVE-2024-3363,https://securityvulnerability.io/vulnerability/CVE-2024-3363,SQL Injection Vulnerability in SourceCodester Online Library System,"A serious security vulnerability has been identified in SourceCodester's Online Library System version 1.0, specifically within the admin/borrowed/index.php file. The flaw arises from improper validation of user-input parameters such as BookPublisher and BookTitle, enabling SQL injection attacks. This vulnerability allows remote attackers to manipulate database queries, potentially leading to unauthorized data exposure and modifications. The malicious exploitation could compromise the integrity and confidentiality of user data. Organizations using this software are highly encouraged to implement immediate mitigation strategies to protect sensitive information. Details regarding the vulnerability can be further explored through various resources, including reports and advisories available online.",Sourcecodester,Online Library System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-06T08:15:00.000Z,true,false,false,,2024-04-06T09:15:00.000Z,0
CVE-2024-3364,https://securityvulnerability.io/vulnerability/CVE-2024-3364,Cross Site Scripting Vulnerability in SourceCodester Online Library System 1.0,A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259468.,Sourcecodester,Online Library System,5.4,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-04-06T08:15:00.000Z,true,false,false,,2024-04-06T09:15:00.000Z,0
CVE-2024-3362,https://securityvulnerability.io/vulnerability/CVE-2024-3362,SQL Injection Vulnerability in SourceCodester Online Library System,"A significant security vulnerability affects the SourceCodester Online Library System version 1.0, specifically within the admin/books/controller.php file. The flaw arises from improper handling of the IBSN argument, which allows attackers to execute SQL injection attacks. This issue can be exploited remotely, enabling unauthorized access to the database and potentially compromising sensitive information. As this vulnerability has been publicly disclosed, it presents serious risks to organizations that utilize this software. Immediate action is recommended to assess and mitigate the threat.",Sourcecodester,Online Library System,8.8,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-06T06:15:00.000Z,true,false,false,,2024-04-06T07:15:00.000Z,0
CVE-2024-3361,https://securityvulnerability.io/vulnerability/CVE-2024-3361,SQL Injection Vulnerability in SourceCodester Online Library System,"A significant SQL Injection vulnerability has been discovered in the SourceCodester Online Library System 1.0, specifically within the file admin/books/deweydecimal.php. This vulnerability allows attackers to manipulate the 'category' argument, enabling unauthorized access to the database. Such exploitation can be performed remotely, raising serious security concerns for users of the system. The specifics of this issue have been publicly disclosed, which increases the urgency for affected organizations to address the vulnerability promptly. Organizations looking to secure their systems should prioritize verifying their configurations and implementing proper input validation to mitigate the risks associated with this vulnerability.",Sourcecodester,Online Library System,8.8,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-06T05:15:00.000Z,true,false,false,,2024-04-06T06:15:00.000Z,0
CVE-2024-3360,https://securityvulnerability.io/vulnerability/CVE-2024-3360,SQL Injection Vulnerability in SourceCodester Online Library System,"A vulnerability exists in the SourceCodester Online Library System version 1.0, specifically related to an undisclosed function within the file admin/books/index.php. This vulnerability allows remote attackers to exploit a SQL injection flaw by manipulating the 'id' argument. The implications of this are significant, as successful exploitation could enable attackers to access, modify, or delete sensitive data within the database. Given that this exploit has been publicly disclosed, it poses an immediate risk to users of this application. It is crucial for organizations utilizing this library system to implement appropriate security measures and consider applying patches or updates to mitigate this vulnerability.",Sourcecodester,Online Library System,9.8,CRITICAL,0.00044999999227002263,false,,false,false,true,2024-04-06T04:15:00.000Z,true,false,false,,2024-04-06T05:15:00.000Z,0
CVE-2024-3359,https://securityvulnerability.io/vulnerability/CVE-2024-3359,SQL Injection Vulnerability in SourceCodester Online Library System,"A significant SQL injection vulnerability exists in SourceCodester's Online Library System version 1.0, specifically concerning the processing of the 'user_email' argument within the admin/login.php file. This vulnerability allows potential attackers to execute remote commands by manipulating the 'user_email' input, which could lead to unauthorized access and data compromise. Given its public disclosure, immediate action is advised to mitigate risk and secure affected systems.",Sourcecodester,Online Library System,9.8,CRITICAL,0.00044999999227002263,false,,false,false,true,2024-04-06T03:15:00.000Z,true,false,false,,2024-04-06T04:15:00.000Z,0