cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-6830,https://securityvulnerability.io/vulnerability/CVE-2024-6830,Remote SQL Injection Vulnerability in SourceCodester Simple Inventory Management System,"A significant SQL injection vulnerability exists in the SourceCodester Simple Inventory Management System 1.0, specifically within the action.php file's order handler function. This flaw allows attackers to interfere with the order_id argument, leading to unauthorized access to sensitive data. Given that the exploitation can be performed remotely, the issue poses a serious risk to the integrity and confidentiality of the information managed by the system. Public disclosure of the exploit increases the urgency for users to apply necessary security measures to protect their systems.",SourceCodester,Simple Inventory Management System,7.5,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2024-07-17T16:15:00.000Z,0
CVE-2024-5101,https://securityvulnerability.io/vulnerability/CVE-2024-5101,SQL Injection Vulnerability in SourceCodester Simple Inventory System,"A serious SQL injection vulnerability has been identified in the updateproduct.php file within SourceCodester's Simple Inventory System version 1.0. This security flaw allows attackers to manipulate the ITEM argument, leading to arbitrary SQL query execution on the server. The vulnerability can be exploited remotely, providing significant risk to data integrity and security. The public disclosure of this exploit means that effective mitigation measures must be implemented immediately to safeguard against potential attacks.",Sourcecodester,Simple Inventory System,8.8,HIGH,0.00044999999227002263,false,,false,false,true,2024-05-19T13:00:04.000Z,true,false,false,,2024-05-19T14:00:04.720Z,0
CVE-2024-5100,https://securityvulnerability.io/vulnerability/CVE-2024-5100,SQL Injection Vulnerability in SourceCodester Simple Inventory System,"A security vulnerability has been identified in the SourceCodester Simple Inventory System version 1.0 that enables SQL injection through improper handling of user-supplied input in the file tableedit.php. Attackers can exploit this vulnerability remotely to execute arbitrary SQL commands, potentially compromising the integrity, confidentiality, and availability of the underlying database. This could lead to unauthorized data access, data manipulation, or even complete system takeover. It is critical for users of this system to apply necessary security patches and follow best practices to mitigate the risks associated with this vulnerability. For further details, refer to relevant technical descriptions and exploit disclosures available in the cybersecurity community.",Sourcecodester,Simple Inventory System,6.5,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-19T10:31:03.000Z,true,false,false,,2024-05-19T11:31:03.831Z,0
CVE-2024-5099,https://securityvulnerability.io/vulnerability/CVE-2024-5099,SQL Injection Vulnerability in SourceCodester Simple Inventory System,"A critical vulnerability has been identified within the SourceCodester Simple Inventory System version 1.0, specifically affecting the updateprice.php file. This vulnerability allows an attacker to manipulate the ITEM parameter, leading to SQL injection. It means that unauthorized individuals can execute arbitrary SQL commands on the database, granting them access to sensitive information or even taking control of the affected system. The attack can be conducted remotely, making it a severe threat to users relying on this inventory management system. Security measures should be prioritized to protect against potential exploitation.",Sourcecodester,Simple Inventory System,6.5,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-19T07:00:04.000Z,true,false,false,,2024-05-19T08:00:04.860Z,0
CVE-2024-5098,https://securityvulnerability.io/vulnerability/CVE-2024-5098,SQL Injection Vulnerability in SourceCodester Simple Inventory System,"A significant security vulnerability has been identified in the SourceCodester Simple Inventory System version 1.0, specifically within the login.php file. The flaw arises from improper handling of user inputs, allowing attackers to exploit the system through SQL injection by manipulating the 'username' parameter. This exploit can lead to unauthorized database access, enabling attackers to retrieve, modify, or delete sensitive information. Given the public disclosure of this vulnerability, it is imperative for users and administrators of the affected product to implement immediate security measures to safeguard their systems from potential attacks. For more detailed information and countermeasures, users are encouraged to refer to the related resources.",Sourcecodester,Simple Inventory System,6.5,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-19T05:00:04.000Z,true,false,false,,2024-05-19T06:00:04.313Z,0
CVE-2024-5097,https://securityvulnerability.io/vulnerability/CVE-2024-5097,Cross-Site Request Forgery Vulnerability in SourceCodester Simple Inventory System 1.0,"A vulnerability, which was classified as problematic, was found in SourceCodester Simple Inventory System 1.0. Affected is an unknown function of the file /tableedit.php#page=editprice. The manipulation of the argument itemnumber leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265080.",Sourcecodester,Simple Inventory System,4.3,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-19T02:00:04.000Z,true,false,false,,2024-05-19T03:00:04.179Z,0