cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3358,https://securityvulnerability.io/vulnerability/CVE-2024-3358,Cross Site Scripting Vulnerability in Aplaya Beach Resort Online Reservation System 1.0,A vulnerability classified as problematic was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument to leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259462 is the identifier assigned to this vulnerability.,Sourcecodester,Aplaya Beach Resort Online Reservation System,3.5,LOW,0.00044999999227002263,false,,false,false,true,2024-04-06T03:15:00.000Z,true,false,false,,2024-04-06T04:15:00.000Z,0
CVE-2024-3352,https://securityvulnerability.io/vulnerability/CVE-2024-3352,SQL Injection Vulnerability in SourceCodester Aplaya Beach Resort Online Reservation System,"A security flaw has been identified in the SourceCodester Aplaya Beach Resort Online Reservation System, specifically within the admin/mod_comments/index.php file. This vulnerability allows attackers to manipulate the 'id' parameter, leading to SQL injection. As a result, unauthorized users can execute arbitrary SQL commands against the database remotely. Public knowledge of this vulnerability has been disclosed, raising concerns regarding its potential exploitation. System administrators are strongly urged to apply security patches and review their configurations to mitigate risks associated with this vulnerability.",Sourcecodester,Aplaya Beach Resort Online Reservation System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-05T18:15:00.000Z,true,false,false,,2024-04-05T19:15:00.000Z,0
CVE-2024-3350,https://securityvulnerability.io/vulnerability/CVE-2024-3350,SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injection,"A security vulnerability has been identified in the Aplaya Beach Resort Online Reservation System version 1.0, specifically affecting the file admin/mod_room/index.php. This issue allows attackers to manipulate the argument 'id', potentially leading to SQL injection attacks. The exploitation of this vulnerability can be conducted remotely, presenting a serious risk to the integrity and confidentiality of the database used by the system. Public disclosure of this vulnerability has occurred, making it accessible for exploitation by threat actors.",Sourcecodester,Aplaya Beach Resort Online Reservation System,7.3,HIGH,0.00044999999227002263,false,,false,false,true,2024-04-05T17:15:00.000Z,true,false,false,,2024-04-05T18:15:00.000Z,0
CVE-2023-4192,https://securityvulnerability.io/vulnerability/CVE-2023-4192,SourceCodester Resort Reservation System manage_user.php sql injection,"A SQL injection vulnerability has been discovered in the SourceCodester Resort Reservation System (version 1.0), specifically within the manage_user.php file. This flaw arises from improper handling of user-supplied input, enabling attackers to manipulate the 'id' parameter and execute arbitrary SQL queries against the database. The vulnerability is accessible remotely, heightening the risk as it can be exploited without authentication. Given that the exploit has been publicly disclosed, it is imperative for users of the system to assess their risk and consider remediation steps to mitigate potential attacks.",SourceCodester,Resort Reservation System,9.8,CRITICAL,0.0015399999683722854,false,,false,false,false,,,false,false,,2023-08-07T00:15:00.000Z,0
CVE-2023-4193,https://securityvulnerability.io/vulnerability/CVE-2023-4193,SourceCodester Resort Reservation System view_fee.php sql injection,"A SQL injection vulnerability has been identified in the SourceCodester Resort Reservation System version 1.0. This vulnerability exists in the file view_fee.php, where improper handling of the 'id' argument allows attackers to manipulate SQL queries. This weakness can enable remote exploitation, putting sensitive data at risk. Public disclosure of this exploit increases the urgency for users to assess their systems for this SQL injection vulnerability.",SourceCodester,Resort Reservation System,9.8,CRITICAL,0.0015399999683722854,false,,false,false,false,,,false,false,,2023-08-07T00:15:00.000Z,0
CVE-2023-4191,https://securityvulnerability.io/vulnerability/CVE-2023-4191,SourceCodester Resort Reservation System index.php file inclusion,"A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-236234 is the identifier assigned to this vulnerability.",Sourcecodester,Resort Reservation System,6.3,MEDIUM,0.0015399999683722854,false,,false,false,false,,,false,false,,2023-08-06T23:15:00.000Z,0
CVE-2023-3309,https://securityvulnerability.io/vulnerability/CVE-2023-3309,SourceCodester Resort Reservation System Manage Room Page ?page=rooms cross site scripting,A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to cross site scripting. The attack can be launched remotely. The identifier VDB-231805 was assigned to this vulnerability.,Sourcecodester,Resort Reservation System,5.4,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2023-06-18T12:15:00.000Z,0
CVE-2023-2363,https://securityvulnerability.io/vulnerability/CVE-2023-2363,SourceCodester Resort Reservation System view_room.php sql injection,"A SQL injection vulnerability exists in the SourceCodester Resort Reservation System 1.0, specifically affecting the processing of the file view_room.php. This vulnerability arises from improper handling of the 'id' parameter, allowing an attacker to manipulate browser requests to execute malicious SQL queries against the database. Consequently, this can lead to unauthorized access, data leaks, or extensive manipulation of the underlying database. Notably, the vulnerability is remotely exploitable, highlighting the risk posed to applications utilizing this system.",SourceCodester,Resort Reservation System,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2023-04-28T11:15:00.000Z,0
CVE-2023-2364,https://securityvulnerability.io/vulnerability/CVE-2023-2364,SourceCodester Resort Reservation System registration.php cross site scripting,"A vulnerability, which was classified as problematic, was found in SourceCodester Resort Reservation System 1.0. Affected is an unknown function of the file registration.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227640.",SourceCodester,Resort Reservation System,5.4,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2023-04-28T11:15:00.000Z,0