cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-11262,https://securityvulnerability.io/vulnerability/CVE-2024-11262,Stack-based Buffer Overflow in SourceCodester Student Record Management System,"A critical vulnerability has been identified in the SourceCodester Student Record Management System version 1.0, specifically within the 'View All Student Marks' component. This vulnerability manifests as a stack-based buffer overflow that occurs in the main function. Attackers can exploit this weakness locally, potentially leading to unauthorized access or execution of arbitrary code. The details of this vulnerability have been publicly disclosed, raising concerns about the security of systems using this software. It is crucial for users to assess their systems for potential exposure and mitigate the risk.",Sourcecodester,Student Record Management System,7.8,HIGH,0.0006000000284984708,false,,false,false,true,2024-11-15T23:15:00.000Z,true,false,false,,2024-11-15T23:15:00.000Z,0
CVE-2024-11261,https://securityvulnerability.io/vulnerability/CVE-2024-11261,Memory Corruption Vulnerability in SourceCodester Student Record Management System,"A critical memory corruption vulnerability has been identified in the SourceCodester Student Record Management System version 1.0, specifically within the Number of Students Menu functionality found in the StudentRecordManagementSystem.cpp file. This vulnerability enables an attacker with local access to manipulate memory allocation, potentially leading to unauthorized actions or system crashes. The exploit details have been publicly disclosed, prompting users of the affected version to prioritize immediate remediation measures to protect their systems against potential attacks.",Sourcecodester,Student Record Management System,6.1,MEDIUM,0.0006000000284984708,false,,false,false,true,2024-11-15T22:15:00.000Z,true,false,false,,2024-11-15T22:15:00.000Z,0
CVE-2024-11097,https://securityvulnerability.io/vulnerability/CVE-2024-11097,Infinite Loop Vulnerability Affects SourceCodester Student Record Management System,A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.,Sourcecodester,Student Record Management System,5.5,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-11-12T02:00:13.000Z,true,false,false,,2024-11-12T02:00:13.839Z,0
CVE-2024-9810,https://securityvulnerability.io/vulnerability/CVE-2024-9810,Unknown Functionality of File sort2_user.php Affected by Cross Site Scripting Vulnerability,A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file sort2_user.php. The manipulation of the argument qualification leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,SourceCodester,Record Management System,6.1,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2024-10-10T20:15:00.000Z,0
CVE-2024-8137,https://securityvulnerability.io/vulnerability/CVE-2024-8137,Cross Site Scripting Vulnerability in Record Management System 1.0,"A cross-site scripting (XSS) vulnerability has been identified in the SourceCodester Record Management System 1.0, specifically affecting the search_user.php file. The vulnerability arises from improper handling of user inputs in the search argument, allowing attackers to inject malicious scripts. This issue can be exploited remotely, posing a significant risk to users interacting with the affected system. Given that the exploit has been made public, immediate attention is necessary to mitigate the potential for unauthorized access and data leakage.",SourceCodester,Record Management System,6.1,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2024-08-24T23:15:00.000Z,0
CVE-2024-8136,https://securityvulnerability.io/vulnerability/CVE-2024-8136,Cross Site Scripting Vulnerability in Record Management System 1.0,"A cross site scripting vulnerability has been identified in the SourceCodester Record Management System 1.0, particularly within the file sort1_user.php. This vulnerability arises from improper handling of user-supplied input, allowing attackers to manipulate the argument position. As a result, it facilitates remote exploitation, where malicious users can inject arbitrary scripts. Compliance with security best practices and monitoring incoming data can mitigate risks associated with this vulnerability. The details surrounding this exploit have been made public, raising concerns about potential exploitation in active environments.",Sourcecodester,Record Management System,6.1,MEDIUM,0.0010400000028312206,false,,false,false,true,2024-08-24T21:00:06.000Z,true,false,false,,2024-08-24T22:00:06.068Z,0
CVE-2024-7310,https://securityvulnerability.io/vulnerability/CVE-2024-7310,Cross Site Scripting Vulnerability in Record Management System 1.0,A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file sort_user.php. The manipulation of the argument sort leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273202 is the identifier assigned to this vulnerability.,Sourcecodester,Record Management System,6.1,MEDIUM,0.0005200000014156103,false,,false,false,true,2024-07-31T09:00:07.000Z,true,false,false,,2024-07-31T10:00:07.354Z,0
CVE-2024-7309,https://securityvulnerability.io/vulnerability/CVE-2024-7309,Cross-Site Scripting Vulnerability in Record Management System 1.0,A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. This affects an unknown part of the file entry.php. The manipulation of the argument school leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273201 was assigned to this vulnerability.,Sourcecodester,Record Management System,5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-07-31T08:31:03.000Z,true,false,false,,2024-07-31T09:31:03.900Z,0
CVE-2024-6955,https://securityvulnerability.io/vulnerability/CVE-2024-6955,VDB-272076: Cross-Site Scripting Vulnerability in Record Management System 1.0,A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file sort2.php. The manipulation of the argument qualification leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272076.,Sourcecodester,Record Management System,6.1,MEDIUM,0.005100000184029341,false,,false,false,true,2024-07-21T12:00:06.000Z,true,false,false,,2024-07-21T13:00:06.737Z,0
CVE-2024-6954,https://securityvulnerability.io/vulnerability/CVE-2024-6954,Monthly Disclosed Vulnerability: Cross-Site Scripting in Record Management System 1.0,A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file sort1.php. The manipulation of the argument position leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272077 was assigned to this vulnerability.,Sourcecodester,Record Management System,6.1,MEDIUM,0.003530000103637576,false,,false,false,true,2024-07-21T11:31:04.000Z,true,false,false,,2024-07-21T12:31:04.246Z,0
CVE-2024-6907,https://securityvulnerability.io/vulnerability/CVE-2024-6907,Cross-Site Scripting Vulnerability in Record Management System 1.0,A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file sort.php. The manipulation of the argument sort leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271932.,Sourcecodester,Record Management System,5.4,MEDIUM,0.000699999975040555,false,,false,false,true,2024-07-19T09:00:07.000Z,true,false,false,,2024-07-19T10:00:07.558Z,0
CVE-2024-6906,https://securityvulnerability.io/vulnerability/CVE-2024-6906,SQL Injection Vulnerability in SourceCodester Record Management System,"A critical SQL injection flaw has been identified in the SourceCodester Record Management System version 1.0. This vulnerability arises from improper handling of the argument 'LSS' within the 'add_leave_non_user.php' file. Attackers can remotely exploit this issue by crafting malicious inputs that manipulate SQL queries, potentially compromising the entire database. Given the public disclosure of this exploit, immediate action is recommended for all users of the affected system to mitigate risks.",Sourcecodester,Record Management System,8.8,HIGH,0.0008699999889358878,false,,false,false,true,2024-07-19T08:31:04.000Z,true,false,false,,2024-07-19T09:31:04.414Z,0
CVE-2024-6905,https://securityvulnerability.io/vulnerability/CVE-2024-6905,Record Management System Vulnerability Discovered: Remote SQL Injection Possible,"A vulnerability has been identified in the SourceCodester Record Management System 1.0, which affects the view_info_user.php file due to improper handling of the 'id' argument. This flaw allows attackers to perform SQL injection, potentially manipulating the database through crafted requests. The exploit can be initiated from remote locations, posing significant risks to the integrity and confidentiality of the data managed by the system. As the vulnerability has been publicly disclosed, it is imperative for users to apply mitigations or patches to prevent exploitation.",Sourcecodester,Record Management System,8.8,HIGH,0.0008699999889358878,false,,false,false,true,2024-07-19T08:00:07.000Z,true,false,false,,2024-07-19T09:00:07.227Z,0
CVE-2024-6904,https://securityvulnerability.io/vulnerability/CVE-2024-6904,Remote SQL Injection Vulnerability Discovered,"A vulnerability identified in the SourceCodester Record Management System version 1.0 allows for SQL injection through the manipulation of an argument in the file sort2_user.php. This flaw can be exploited remotely, leading to unauthorized access to sensitive data. The exploit is publicly available, increasing the urgency for affected users to evaluate their systems and implement necessary security measures to mitigate potential threats.",Sourcecodester,Record Management System,8.8,HIGH,0.0008699999889358878,false,,false,false,true,2024-07-19T07:31:03.000Z,true,false,false,,2024-07-19T08:31:03.862Z,0
CVE-2024-6903,https://securityvulnerability.io/vulnerability/CVE-2024-6903,SQL Injection Vulnerability in SourceCodester Record Management System,"A serious SQL injection vulnerability has been identified in the SourceCodester Record Management System, specifically within the file sort1_user.php. This flaw arises from improper handling of user-supplied input, which allows an attacker to manipulate the argument position in requests, leading to database query manipulation. This vulnerability could be exploited remotely, providing attackers the ability to execute arbitrary SQL commands. With the exploit now publicly disclosed, it poses a significant risk to unpatched instances of version 1.0 of the product. Organizations using this system must act promptly to assess their exposure and implement necessary patches or mitigations to prevent potential unauthorized access and data breaches.",Sourcecodester,Record Management System,8.8,HIGH,0.005640000104904175,false,,false,false,true,2024-07-19T07:00:05.000Z,true,false,false,,2024-07-19T08:00:05.354Z,0
CVE-2024-6902,https://securityvulnerability.io/vulnerability/CVE-2024-6902,SQL Injection Vulnerability in SourceCodester Record Management System,"A critical vulnerability has been identified in the SourceCodester Record Management System version 1.0, specifically within the file sort_user.php. This vulnerability allows an attacker to manipulate an argument within the said file, leading to a SQL injection. The consequences of this vulnerability pose significant risks as attacks can be launched remotely, potentially allowing unauthorized data access or manipulation. The exploit has been publicly disclosed, thereby increasing the urgency for affected users to implement security measures and updates. For more details, refer to VDB-271927 and other associated advisories.",Sourcecodester,Record Management System,8.8,HIGH,0.005640000104904175,false,,false,false,true,2024-07-19T06:31:04.000Z,true,false,false,,2024-07-19T07:31:04.198Z,0
CVE-2024-6901,https://securityvulnerability.io/vulnerability/CVE-2024-6901,SQL Injection Vulnerability in SourceCodester Record Management System,"A critical SQL injection vulnerability has been identified in the SourceCodester Record Management System 1.0, specifically in the entry.php file. Attackers can exploit this vulnerability by manipulating the 'school' parameter, allowing unauthorized database access and manipulation. This flaw enables remote attackers to execute arbitrary SQL commands, potentially compromising sensitive data and the integrity of the application. The vulnerability has been publicly disclosed, making it essential for users and organizations using this system to implement immediate patching and safeguard against potential exploits. For further technical details, please refer to the VDB-271926 resources.",Sourcecodester,Record Management System,8.8,HIGH,0.005640000104904175,false,,false,false,true,2024-07-19T06:00:06.000Z,true,false,false,,2024-07-19T07:00:06.580Z,0
CVE-2024-6900,https://securityvulnerability.io/vulnerability/CVE-2024-6900,SQL Injection Vulnerability in SourceCodester Record Management System,"A significant SQL injection vulnerability has been identified in the SourceCodester Record Management System version 1.0, specifically within the file edit_emp.php. This critical flaw arises from improper handling of the 'id' parameter, enabling attackers to execute arbitrary SQL queries against the database remotely. The disclosure of this vulnerability allows cybercriminals to leverage it for unauthorized data access or manipulation, thereby posing a severe threat to organizations relying on this system. As the vulnerability has become public, it is imperative for users to implement immediate security measures to mitigate the risk.",Sourcecodester,Record Management System,8.8,HIGH,0.005640000104904175,false,,false,false,true,2024-07-19T05:31:04.000Z,true,false,false,,2024-07-19T06:31:04.488Z,0
CVE-2024-6899,https://securityvulnerability.io/vulnerability/CVE-2024-6899,SQL Injection Vulnerability in SourceCodester Record Management System,"A critical SQL injection vulnerability exists in the SourceCodester Record Management System version 1.0, specifically affecting the file view_info.php. This vulnerability arises from improper handling of user-supplied input through the 'id' argument, allowing attackers to manipulate SQL queries. As a result, remote attackers can execute arbitrary SQL commands, leading to unauthorized data access or modification. With the exploit disclosed publicly, it poses a significant risk to systems running this version of the product. Organizations using this software should prioritize applying security patches and implementing additional protective measures to mitigate the risk of exploitation.",Sourcecodester,Record Management System,9.8,CRITICAL,0.004559999797493219,false,,false,false,true,2024-07-19T04:00:05.000Z,true,false,false,,2024-07-19T05:00:05.474Z,0
CVE-2024-6898,https://securityvulnerability.io/vulnerability/CVE-2024-6898,SQL Injection Vulnerability in SourceCodester Record Management System,"A critical security flaw has been identified within the SourceCodester Record Management System version 1.0, specifically in the file index.php. This vulnerability allows an attacker to perform SQL injection through the manipulation of the 'UserName' parameter. It enables unauthorized users to execute arbitrary SQL queries, leading to severe data compromise and potential full system control. The exploit can be executed remotely, heightening its risk as it can easily be perpetrated without physical access to the system. The vulnerability has been publicly disclosed, making it imperative for users and administrators of the affected product to take immediate steps to secure their installations.",Sourcecodester,Record Management System,9.8,CRITICAL,0.000699999975040555,false,,false,false,true,2024-07-19T02:31:04.000Z,true,false,false,,2024-07-19T03:31:04.103Z,0
CVE-2023-1793,https://securityvulnerability.io/vulnerability/CVE-2023-1793,SourceCodester Police Crime Record Management System GET Parameter assigncase.php sql injection,"A SQL injection vulnerability has been identified in the Police Crime Record Management System 1.0 developed by SourceCodester. This issue exists within the argument caseid in the file /officer/assigncase.php, allowing attackers to manipulate the GET parameters and potentially execute unauthorized SQL commands. The vulnerability can be exploited remotely, posing significant risks to data integrity and security. Public disclosure of this exploit raises concerns about potential misuse.",SourceCodester,Police Crime Record Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-04-02T08:15:00.000Z,0
CVE-2023-1794,https://securityvulnerability.io/vulnerability/CVE-2023-1794,SourceCodester Police Crime Record Management System GET Parameter casedetails.php cross site scripting,"A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/casedetails.php of the component GET Parameter Handler. The manipulation of the argument id with the input ""><script>alert(233)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224746 is the identifier assigned to this vulnerability.",SourceCodester,Police Crime Record Management System,6.1,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-04-02T08:15:00.000Z,0
CVE-2023-1253,https://securityvulnerability.io/vulnerability/CVE-2023-1253,SourceCodester Health Center Patient Record Management System login.php sql injection,"A SQL injection vulnerability exists in the login.php file of SourceCodester's Health Center Patient Record Management System 1.0. This flaw allows an attacker to manipulate the username parameter, which can lead to unauthorized access and potential database compromise. The vulnerability can be exploited remotely, raising significant security concerns for institutions using this system. Immediate measures should be taken to address this risk to protect sensitive patient data.",SourceCodester,Health Center Patient Record Management System,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2023-03-07T15:15:00.000Z,0
CVE-2023-1254,https://securityvulnerability.io/vulnerability/CVE-2023-1254,SourceCodester Health Center Patient Record Management System birthing_print.php cross site scripting,A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file birthing_print.php. The manipulation of the argument birth_id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222484.,SourceCodester,Health Center Patient Record Management System,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-03-07T15:15:00.000Z,0
CVE-2023-1180,https://securityvulnerability.io/vulnerability/CVE-2023-1180,SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting,A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file hematology_print.php. The manipulation of the argument hem_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222331.,SourceCodester,Health Center Patient Record Management System,6.1,MEDIUM,0.0012799999676644802,false,,false,false,false,,,false,false,,2023-03-05T10:15:00.000Z,0