563742137Abc

Name of the Vulnerable Software and Affected Versions SourceCodester Sales and Inventory System versão 1.0 Description Uma falha foi encontrada no SourceCodester Sales and Inventory System 1.0, especificamente dentro de uma função desconhecida do arquivo `/delete.php` associado ao componente GET Parameter Handler. A manipulação do parâmetro `ID` pode levar a cross-site scripting. A exploração remota é possível. Recommendations Atualize para uma versão mais recente que contenha uma correção para esta vulnerabilidade. Como medida temporária, considere restringir o acesso ao arquivo `/delete.php`.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Sales and Inventory System version 1.0 **Description** A flaw exists in SourceCodester Sales and Inventory System 1.0 related to the handling of HTTP GET parameters. Specifically, manipulation of the `sid` argument in the `/update stock.php` file can lead to SQL injection. Remote exploitation is possible, and details of the issue have been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Simple E-learning System version 1.0 **Description** A security issue exists in SourceCodester Simple E-learning System 1.0. The issue is related to SQL injection within the `/includes/form handlers/delete post.php` file, specifically through manipulation of the `post id` argument via an HTTP GET request. This allows for remote exploitation. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Simple E-learning System version 1.0 **Description** A SQL injection issue exists in the User Profile Update Handler component. The manipulation of the `firstName` argument can lead to SQL injection. The exploit is publicly available and may be used to launch attacks remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Loan Management System version 1.0 **Description** A cross site scripting issue exists in SourceCodester Loan Management System 1.0. The issue is related to the manipulation of the `page` argument within the /index.php file. This allows for remote execution of malicious scripts. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.