cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-7378,https://securityvulnerability.io/vulnerability/CVE-2024-7378,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"An SQL injection vulnerability exists in the SourceCodester Simple Realtime Quiz System version 1.0, specifically in the /manage_question.php file. The vulnerability allows an attacker to manipulate requests that involve the 'id' parameter, leading to unauthorized database access and potential data breaches. This can be exploited remotely, making it imperative for users of the affected system to apply necessary updates and security measures promptly. Given the exposure of the exploit to the public, immediate action is recommended to safeguard sensitive data.",SourceCodester,Simple Realtime Quiz System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-08-02T03:15:00.000Z,0
CVE-2024-7377,https://securityvulnerability.io/vulnerability/CVE-2024-7377,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A security vulnerability exists within the SourceCodester Simple Realtime Quiz System version 1.0 that allows for SQL injection through improper handling of input in the /view_result.php file. By manipulating the 'qid' argument in this script, attackers can potentially execute harmful SQL commands, leading to unauthorized access to database information. This vulnerability can be exploited remotely, making it a significant risk for users who have deployed this web application. It is crucial for organizations using this system to implement security patches or consider alternative solutions to mitigate risks associated with this vulnerability.",SourceCodester,Simple Realtime Quiz System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-08-02T02:15:00.000Z,0
CVE-2024-7376,https://securityvulnerability.io/vulnerability/CVE-2024-7376,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A significant SQL injection vulnerability has been discovered in SourceCodester's Simple Realtime Quiz System version 1.0, specifically affecting the functionality within the script located at /print_quiz_records.php. This flaw allows attackers to manipulate input parameters—in this case, the 'id' argument—resulting in unauthorized database queries. Exploiting this vulnerability can enable a remote attacker to gain access to sensitive data, potentially compromising the application's integrity. Given that the details of this exploit are publicly available, organizations using this software are urged to apply security measures to mitigate the risk of an attack.",SourceCodester,Simple Realtime Quiz System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-08-02T02:15:00.000Z,0
CVE-2024-7374,https://securityvulnerability.io/vulnerability/CVE-2024-7374,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A significant security vulnerability has been identified in the SourceCodester Simple Realtime Quiz System version 1.0, specifically within the manage_user.php file. This vulnerability allows attackers to manipulate the 'id' parameter, leading to successful SQL injection attacks. Such exploits can be executed remotely, posing a considerable risk to data integrity and confidentiality. The vulnerability has been publicly disclosed, and it is crucial for users of the affected system to implement immediate security measures to safeguard against potential exploitation. For further details and security advisories, visit VDB-273358.",SourceCodester,Simple Realtime Quiz System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-08-02T01:16:00.000Z,0
CVE-2024-7375,https://securityvulnerability.io/vulnerability/CVE-2024-7375,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A serious security flaw has been identified in the SourceCodester Simple Realtime Quiz System version 1.0, where improper handling of the quiz argument in the '/my_quiz_result.php' file allows for SQL injection attacks. This vulnerability enables attackers to manipulate SQL queries by injecting malicious code through the affected parameter. The exploit can be triggered remotely, potentially allowing unauthorized access to sensitive data stored in the database. Given the public disclosure of this vulnerability, it poses a significant risk to users and organizations utilizing this quiz system. Immediate action is recommended to secure affected applications.",Sourcecodester,Simple Realtime Quiz System,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-08-02T00:16:00.000Z,true,false,false,,2024-08-02T01:16:00.000Z,0
CVE-2024-7373,https://securityvulnerability.io/vulnerability/CVE-2024-7373,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A significant SQL injection flaw exists in the SourceCodester Simple Realtime Quiz System version 1.0, specifically within the file and function located at /ajax.php?action=load_answered. This vulnerability arises from improper handling of the 'id' parameter, allowing attackers to manipulate database queries and execute arbitrary SQL code from a remote location. Due to the nature of the vulnerability being publicly disclosed, there is an increased risk of exploitation, which could lead to unauthorized access to sensitive data, data manipulation, or potential data loss. Organizations utilizing this system are urged to apply remediation measures promptly to safeguard their systems.",SourceCodester,Simple Realtime Quiz System,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-02T00:15:00.000Z,0
CVE-2024-7372,https://securityvulnerability.io/vulnerability/CVE-2024-7372,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A serious SQL injection vulnerability has been identified in the SourceCodester Simple Realtime Quiz System version 1.0, specifically related to an improperly sanitised input in the /quiz_board.php file. The exploitation of this flaw enables attackers to manipulate the 'quiz' argument, paving the way for unauthorized database access and data exfiltration. This vulnerability can be exploited remotely, highlighting the critical nature of addressing it promptly. Following the public disclosure of the exploit, organizations using this system are strongly advised to implement security patches and monitor their systems for any suspicious activities.",Sourcecodester,Simple Realtime Quiz System,8.8,HIGH,0.000910000002477318,false,,false,false,true,2024-08-01T23:15:00.000Z,true,false,false,,2024-08-02T00:15:00.000Z,0
CVE-2024-7371,https://securityvulnerability.io/vulnerability/CVE-2024-7371,Quiz System Vulnerable to SQL Injection,"A vulnerability exists in the SourceCodester Simple Realtime Quiz System 1.0 that exposes the application to SQL injection via the /quiz_view.php file. This vulnerability arises from improper handling of user inputs, specifically the manipulation of the 'id' argument. Attackers can exploit this weakness remotely, potentially gaining unauthorized access to the database. The exploit details have been publicly disclosed, heightening the urgency for affected users to apply necessary security measures.",SourceCodester,Simple Realtime Quiz System,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-01T23:15:00.000Z,0
CVE-2024-7370,https://securityvulnerability.io/vulnerability/CVE-2024-7370,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A critical security vulnerability has been discovered in the SourceCodester Simple Realtime Quiz System, specifically in the /manage_quiz.php file. This vulnerability allows an attacker to perform SQL injection by manipulating the 'id' parameter in the request. As a result, remote attackers can execute arbitrary SQL queries, compromising the underlying database and potentially gaining access to sensitive user information. The vulnerability has been publicly disclosed, making it imperative for users of this system to implement security measures immediately to protect against possible exploitation. Maintaining secure coding practices and regularly updating software are essential to minimize exposure to such vulnerabilities.",SourceCodester,Simple Realtime Quiz System,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-01T23:15:00.000Z,0
CVE-2024-7369,https://securityvulnerability.io/vulnerability/CVE-2024-7369,SQL Injection Vulnerability in SourceCodester Simple Realtime Quiz System,"A critical vulnerability has been identified in the SourceCodester Simple Realtime Quiz System 1.0 that allows for SQL injection via the /ajax.php?action=login path. This security flaw arises from improper handling of the 'username' input parameter, which can be exploited by remote attackers to execute arbitrary SQL queries. The implications of this vulnerability can lead to unauthorized access to sensitive data within the application. Since the exploit has been made publicly available, it is imperative for users and administrators of the affected system to take immediate action to mitigate potential risks.",SourceCodester,Simple Realtime Quiz System,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-01T22:15:00.000Z,0
CVE-2024-7368,https://securityvulnerability.io/vulnerability/CVE-2024-7368,Cross Site Scripting (XSS) Vulnerability in SourceCodester Simple Realtime Quiz System 1.0,A vulnerability has been found in SourceCodester Simple Realtime Quiz System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /ajax.php?action=save_quiz. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273352.,SourceCodester,Simple Realtime Quiz System,5.4,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-01T22:15:00.000Z,0
CVE-2024-7367,https://securityvulnerability.io/vulnerability/CVE-2024-7367,Quiz System Vulnerable to Cross-Site Request Forgery,"A cross-site request forgery vulnerability exists in SourceCodester's Simple Realtime Quiz System 1.0, specifically affecting the /ajax.php?action=save_user endpoint. This security flaw allows attackers to exploit the system remotely by manipulating requests, potentially compromising user data and functionality. The vulnerability has been publicly disclosed and poses a risk to any system utilizing this software version, warranting immediate attention and remediation by affected users.",SourceCodester,Simple Realtime Quiz System,8.8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2024-08-01T21:16:00.000Z,0