cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-2397,https://securityvulnerability.io/vulnerability/CVE-2023-2397,SourceCodester Simple Mobile Comparison Website cross site scripting,"A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Mobile Comparison Website 1.0. This issue affects some unknown processing of the file classes/Master.php?f=save_field. The manipulation of the argument Field Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227675.",SourceCodester,Simple Mobile Comparison Website,4.8,MEDIUM,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-04-28T22:15:00.000Z,0
CVE-2023-1908,https://securityvulnerability.io/vulnerability/CVE-2023-1908,SourceCodester Simple Mobile Comparison Website GET Parameter view_category.php sql injection,"An SQL Injection vulnerability has been identified in the SourceCodester Simple Mobile Comparison Website 1.0, specifically within the GET Parameter Handler component. This issue arises from improper handling of the 'id' parameter in the /admin/categories/view_category.php file, allowing attackers to manipulate database queries. The vulnerability enables remote attackers to execute arbitrary SQL statements, potentially leading to unauthorized access to sensitive data and system compromise. The exploit has been made publicly known, increasing the urgency for users to apply appropriate patches and safeguard their applications.",SourceCodester,Simple Mobile Comparison Website,9.8,CRITICAL,0.0031500000040978193,false,,false,false,false,,,false,false,,2023-04-06T13:15:00.000Z,0
CVE-2023-1792,https://securityvulnerability.io/vulnerability/CVE-2023-1792,SourceCodester Simple Mobile Comparison Website GET Parameter manage_field.php sql injection,"The Simple Mobile Comparison Website has a vulnerability in the GET Parameter Handler located in the /admin/fields/manage_field.php file. This issue arises from improper handling of the 'id' parameter, which can be exploited to execute SQL injection attacks. Attackers can manipulate this input remotely, potentially leading to unauthorized access to sensitive data within the database. The vulnerability has already been publicly disclosed, heightening the risk for users who have not yet applied the necessary security measures.",SourceCodester,Simple Mobile Comparison Website,9.8,CRITICAL,0.0027000000700354576,false,,false,false,false,,,false,false,,2023-04-02T07:15:00.000Z,0