cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-1197,https://securityvulnerability.io/vulnerability/CVE-2024-1197,SQL Injection Vulnerability in SourceCodester Testimonial Page Manager,"A vulnerability has been detected within SourceCodester's Testimonial Page Manager version 1.0 that affects the delete-testimonial.php file. This vulnerability allows an attacker to manipulate the 'testimony' argument, leading to a SQL injection, which can be executed remotely. Exploitation of this vulnerability poses significant security risks to data integrity and confidentiality, making it essential for users of the affected version to apply necessary updates and mitigate potential threats.",SourceCodester,Testimonial Page Manager,9.8,CRITICAL,0.0013500000350177288,false,,false,false,false,,,false,false,,2024-02-02T22:31:03.760Z,0
CVE-2024-1196,https://securityvulnerability.io/vulnerability/CVE-2024-1196,Cross Site Scripting Vulnerability in Testimonial Page Manager 1.0,"A cross-site scripting vulnerability exists within the SourceCodester Testimonial Page Manager, specifically associated with the HTTP POST Request Handler in the add-testimonial.php file. This vulnerability allows for the exploitation of user inputs, such as name, description, and testimony fields, resulting in potential execution of arbitrary scripts in the context of a victim's browser. Attackers can initiate these attacks remotely, leveraging the security flaw to manipulate the input data and execute malicious payloads. Proper validation and sanitization of user input are essential to mitigate this security risk.",Sourcecodester,Testimonial Page Manager,6.1,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-02-02T22:00:05.995Z,0