Owenw

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Flight Ticket Booking System version 1.0 **Description** A security flaw exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue involves SQL injection, potentially allowing remote attackers to exploit the system. The vulnerability is present in the file `/Admindelete.php` and occurs through manipulation of the `flightno` argument. The exploit has been publicly released. **Recommendations** Apply any available updates or patches for code-projects Simple Flight Ticket Booking System version 1.0. As a temporary workaround, consider restricting access to the `/Admindelete.php` file or carefully validating the `flightno` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A security issue exists in Simple Flight Ticket Booking System 1.0. The manipulation of the arguments `flightno`, `airplaneid`, `departure`, `dtime`, `arrival`, `atime`, `ec`, `ep`, `bc`, and `bp` in the file /Adminadd.php can lead to a SQL injection. Remote exploitation is possible. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A SQL injection issue exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue is located in the `/Adminupdate.php` file, specifically within an unknown function. The manipulation of the `flightno`, `airplaneid`, `departure`, `dtime`, `arrival`, `atime`, `ec`, `ep`, `bc`, or `bp` parameters can lead to SQL injection. This attack can be carried out remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A flaw exists in Simple Flight Ticket Booking System that allows for remote SQL injection. The issue stems from improper handling of the `flightno` argument within the /Adminsearch.php file. Exploitation of this issue is possible remotely, and details about the exploit are publicly available. **Recommendations** Apply a fix to address the improper handling of the `flightno` argument in the /Adminsearch.php file.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Flight Ticket Booking System version 1.0 **Description** A security flaw exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue involves a SQL injection impacting an unknown function within the /login.php file. Manipulation of the `Username` argument can trigger the injection. This attack can be initiated remotely. The exploit has been publicly released. **Recommendations** Apply any available updates or patches for code-projects Simple Flight Ticket Booking System version 1.0. As a temporary workaround, consider restricting access to the /login.php file. Sanitize the `Username` input to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A flaw exists in Simple Flight Ticket Booking System 1.0 that allows for SQL injection. A manipulation of the `Username` argument in the `/register.php` file can trigger this issue. The attack can be launched remotely. The exploit has been publicly released. **Recommendations** Apply any available updates to address the SQL injection issue in the `/register.php` file. As a temporary workaround, sanitize the `Username` input to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A SQL injection issue exists due to the manipulation of the `course code` argument within the processing of the `/admin/class-result.php` file. This allows for remote attacks. The exploit for this issue has been publicly released. SQL injection is a technique where malicious code is inserted into a database query, potentially allowing an attacker to access, modify, or delete data. **Recommendations** For itsourcecode College Management System version 1.0, restrict access to the `/admin/class-result.php` file or sanitize the `course code` parameter to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A flaw exists in the College Management System that allows for remote manipulation of the `roll no` argument in the `/admin/student-fee.php` file, leading to a SQL injection. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.