cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-3987,https://securityvulnerability.io/vulnerability/CVE-2023-3987,SourceCodester Simple Online Mens Salon Management System sql injection,"The Simple Online Mens Salon Management System version 1.0 by SourceCodester is susceptible to a SQL injection attack. This vulnerability exists in an unspecified function within the user management section of the application (/admin/?page=user/manage_user&id=3). By manipulating the 'id' parameter in a crafted HTTP request, an attacker may execute arbitrary SQL commands against the database, thereby compromising sensitive data. This vulnerability can be exploited remotely, allowing attackers to leverage public-facing services. The method of attack has been publicly disclosed, raising the urgency for users to apply necessary patches or mitigations to safeguard their systems.",SourceCodester,Simple Online Mens Salon Management System,9.8,CRITICAL,0.005669999867677689,false,,false,false,false,,,false,false,,2023-07-28T06:15:00.000Z,0
CVE-2023-3986,https://securityvulnerability.io/vulnerability/CVE-2023-3986,SourceCodester Simple Online Mens Salon Management System cross site scripting,A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name/Username leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235607.,Sourcecodester,Simple Online Mens Salon Management System,2.4,LOW,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-07-28T05:15:00.000Z,0