cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-3534,https://securityvulnerability.io/vulnerability/CVE-2023-3534,SourceCodester Shopping Website check_availability.php sql injection,"A SQL injection vulnerability exists in the SourceCodester Shopping Website version 1.0, where the email argument in the check_availability.php file can be manipulated. This allows attackers to execute arbitrary SQL commands, potentially compromising the database and exposing sensitive information. The vulnerability can be exploited remotely, making it a significant concern for users of this e-commerce platform. Awareness and prompt remediation are essential to safeguarding against potential attacks.",SourceCodester,Shopping Website,7.5,HIGH,0.0026199999265372753,false,,false,false,false,,,false,false,,2023-07-07T12:15:00.000Z,0
CVE-2023-3503,https://securityvulnerability.io/vulnerability/CVE-2023-3503,SourceCodester Shopping Website insert-product.php unrestricted upload,A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232951.,Sourcecodester,Shopping Website,6.3,MEDIUM,0.013240000233054161,false,,false,false,false,,,false,false,,2023-07-04T15:15:00.000Z,0
CVE-2023-3502,https://securityvulnerability.io/vulnerability/CVE-2023-3502,SourceCodester Shopping Website search-result.php sql injection,"A vulnerability exists in the SourceCodester Shopping Website 1.0, specifically within the search-result.php file, where improper handling of user input allows an attacker to manipulate the 'product' argument. This results in SQL injection, enabling remote exploitation. The vulnerability has been publicly disclosed, posing a risk to users of the affected software, and it allows unauthorized access to database information through crafted SQL queries.",SourceCodester,Shopping Website,7.5,HIGH,0.014010000042617321,false,,false,false,false,,,false,false,,2023-07-04T14:15:00.000Z,0
CVE-2023-3457,https://securityvulnerability.io/vulnerability/CVE-2023-3457,SourceCodester Shopping Website index.php sql injection,"A vulnerability exists in SourceCodester's Shopping Website 1.0 that allows remote attackers to exploit the application by manipulating the 'username' argument in the index.php file. This leads to SQL injection, which can compromise the integrity of the application and expose sensitive data. Due to the disclosure of this exploit, it is imperative for users to address this vulnerability promptly to safeguard their systems.",SourceCodester,Shopping Website,9.8,CRITICAL,0.007590000052005053,false,,false,false,false,,,false,false,,2023-06-29T14:15:00.000Z,0
CVE-2023-3458,https://securityvulnerability.io/vulnerability/CVE-2023-3458,SourceCodester Shopping Website forgot-password.php sql injection,"A security flaw exists in the SourceCodester Shopping Website version 1.0, specifically within the forgot-password.php file. This vulnerability enables attackers to manipulate the contact argument, leading to SQL injection. The exploit can be executed remotely, allowing unauthorized access to the database and could potentially compromise sensitive user information. The vulnerability has been publicly disclosed, making it critical for users to secure their systems against this threat.",SourceCodester,Shopping Website,9.8,CRITICAL,0.007590000052005053,false,,false,false,false,,,false,false,,2023-06-29T14:15:00.000Z,0