cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8154,https://securityvulnerability.io/vulnerability/CVE-2024-8154,Cross Site Scripting Vulnerability in SourceCodester QR Code Bookmark System 1.0,"A cross-site scripting vulnerability exists in the SourceCodester QR Code Bookmark System 1.0 related to the parameter handler functionality found in the update-bookmark.php file. This flaw is caused by improper handling of user-supplied input in the arguments tbl_bookmark_id, name, and url. An attacker can exploit this vulnerability remotely, potentially injecting malicious scripts into web pages viewed by users. Publicly disclosed details indicate that the vulnerability may allow attackers to conduct harmful activities such as data theft or session hijacking through crafted requests.",Sourcecodester,Qr Code Bookmark System,5.4,MEDIUM,0.0008399999933317304,false,,false,false,true,2024-08-25T22:15:00.000Z,true,false,false,,2024-08-25T23:15:00.000Z,0
CVE-2024-8153,https://securityvulnerability.io/vulnerability/CVE-2024-8153,SourceCodester QR Code Bookmark System Vulnerable to Cross-Site Scripting (XSS),"A vulnerability exists within the SourceCodester QR Code Bookmark System that compromises the /endpoint/delete-bookmark.php file, leading to potential cross site scripting (XSS) attacks. This issue arises from improper handling of user-supplied input, allowing malicious actors to manipulate the 'bookmark' argument in a way that can execute arbitrary scripts in the context of the affected web application. The exploitation of this vulnerability can occur remotely, posing significant risks to users and their data. Publicly disclosed, this XSS vulnerability emphasizes the need for immediate remediation to protect both the application and its users.",Sourcecodester,Qr Code Bookmark System,5.4,MEDIUM,0.0008399999933317304,false,,false,false,true,2024-08-25T21:31:06.000Z,true,false,false,,2024-08-25T22:31:06.804Z,0
CVE-2024-8152,https://securityvulnerability.io/vulnerability/CVE-2024-8152,SourceCodester QR Code Bookmark System Vulnerable to Cross-Site Scripting,"A cross site scripting (XSS) vulnerability exists in the SourceCodester QR Code Bookmark System version 1.0, specifically within the /endpoint/add-bookmark.php component handling parameter inputs. The issue arises when the system fails to properly sanitize input parameters such as name and url, allowing malicious users to execute arbitrary scripts in the context of an affected user's browser. As a result, an attacker can exploit this vulnerability remotely, potentially leading to unauthorized access to sensitive user information and data manipulation.",Sourcecodester,Qr Code Bookmark System,5.4,MEDIUM,0.0007800000021234155,false,,false,false,true,2024-08-25T21:31:04.000Z,true,false,false,,2024-08-25T22:31:04.910Z,0
CVE-2024-3797,https://securityvulnerability.io/vulnerability/CVE-2024-3797,SQL Injection Vulnerability in SourceCodester QR Code Bookmark System,"A SQL injection vulnerability has been discovered in the SourceCodester QR Code Bookmark System 1.0. This flaw exists within the file endpoint/delete-bookmark.php, which processes requests to delete bookmarks. An attacker can exploit this vulnerability by manipulating the 'bookmark' parameter, allowing for unauthorized access and manipulation of the database. The nature of this vulnerability allows for attacks to be initiated remotely, posing a significant risk to confidentiality and integrity of stored data. The vulnerability has already been publicly disclosed, increasing the urgency for affected users to apply security measures to safeguard their systems.",Sourcecodester,Qr Code Bookmark System,9.8,CRITICAL,0.00044999999227002263,false,,false,false,true,2024-04-15T15:00:05.000Z,true,false,false,,2024-04-15T16:00:05.364Z,0