cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1852,https://securityvulnerability.io/vulnerability/CVE-2023-1852,SourceCodester Online Payroll System deduction_edit.php cross site scripting,A vulnerability classified as problematic was found in SourceCodester Online Payroll System 1.0. This vulnerability affects unknown code of the file /admin/deduction_edit.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-224992.,SourceCodester,Online Payroll System,6.1,MEDIUM,0.0018500000005587935,false,,false,false,false,,,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1851,https://securityvulnerability.io/vulnerability/CVE-2023-1851,SourceCodester Online Payroll System employee_add.php cross site scripting,A vulnerability classified as problematic has been found in SourceCodester Online Payroll System 1.0. This affects an unknown part of the file /admin/employee_add.php. The manipulation of the argument of leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224991.,Sourcecodester,Online Payroll System,3.5,LOW,0.0018500000005587935,false,,false,false,true,2023-04-05T08:15:00.000Z,true,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1853,https://securityvulnerability.io/vulnerability/CVE-2023-1853,SourceCodester Online Payroll System employee_edit.php cross site scripting,"A vulnerability, which was classified as problematic, has been found in SourceCodester Online Payroll System 1.0. This issue affects some unknown processing of the file /admin/employee_edit.php. The manipulation of the argument of leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224993 was assigned to this vulnerability.",Sourcecodester,Online Payroll System,3.5,LOW,0.0018500000005587935,false,,false,false,true,2023-04-05T08:15:00.000Z,true,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1849,https://securityvulnerability.io/vulnerability/CVE-2023-1849,SourceCodester Online Payroll System cashadvance_row.php sql injection,A vulnerability was found in SourceCodester Online Payroll System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cashadvance_row.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224989 was assigned to this vulnerability.,Sourcecodester,Online Payroll System,6.3,MEDIUM,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1850,https://securityvulnerability.io/vulnerability/CVE-2023-1850,SourceCodester Online Payroll System login.php sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Online Payroll System version 1.0. It affects the login functionality located at /admin/login.php, where manipulation of the username argument can allow an attacker to execute arbitrary SQL commands. This vulnerability can be exploited remotely, making it imperative for users of the software to implement immediate security measures to mitigate potential threats. The public disclosure of this exploit heightens the urgency, underscoring the need for patching and enhanced security protocols.",SourceCodester,Online Payroll System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T08:15:00.000Z,0
CVE-2023-1846,https://securityvulnerability.io/vulnerability/CVE-2023-1846,SourceCodester Online Payroll System deduction_row.php sql injection,"A significant vulnerability exists in the SourceCodester Online Payroll System 1.0, allowing remote attackers to execute SQL injection through manipulation of the argument 'id' in the /admin/deduction_row.php file. This exploitation could potentially lead to unauthorized access to sensitive data and database manipulation. Timely remediation is essential to safeguard your systems.",SourceCodester,Online Payroll System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T07:15:00.000Z,0
CVE-2023-1847,https://securityvulnerability.io/vulnerability/CVE-2023-1847,SourceCodester Online Payroll System attendance.php sql injection,"A vulnerability exists in the SourceCodester Online Payroll System that enables SQL injection via the employee parameter in the attendance.php file. This flaw allows remote attackers to manipulate database queries, posing a significant risk to sensitive employee data. As the problem has been publicly disclosed, it presents an urgent security concern for users of this application. Immediate attention and mitigation strategies are essential to protect against potential exploitation.",SourceCodester,Online Payroll System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T07:15:00.000Z,0
CVE-2023-1848,https://securityvulnerability.io/vulnerability/CVE-2023-1848,SourceCodester Online Payroll System attendance_row.php sql injection,"A security flaw has been identified in SourceCodester's Online Payroll System, specifically within the admin/attendance_row.php file. This vulnerability allows for SQL injection attacks through manipulation of the 'id' parameter, which can be exploited remotely. Given that this exploit has been publicly disclosed, systems using this product could be at significant risk unless patched or mitigated promptly.",SourceCodester,Online Payroll System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T07:15:00.000Z,0
CVE-2023-1845,https://securityvulnerability.io/vulnerability/CVE-2023-1845,SourceCodester Online Payroll System employee_row.php sql injection,"A SQL injection vulnerability has been identified in SourceCodester's Online Payroll System version 1.0, specifically affecting the /admin/employee_row.php file. This issue arises from improper validation of the 'id' argument, which allows remote attackers to manipulate SQL queries executed by the application. The availability of public exploit details raises concerns for users, making it essential to patch this vulnerability promptly to prevent potential data breaches.",SourceCodester,Online Payroll System,9.8,CRITICAL,0.011049999855458736,false,,false,false,false,,,false,false,,2023-04-05T07:15:00.000Z,0