Rahul Patwari

**Name of the Vulnerable Software and Affected Versions** Simple Customer Relationship Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `gender` parameter in the user profile update function. **Recommendations** For Simple Customer Relationship Management System version 1.0, avoid using the `gender` parameter in the user profile update function until a fix is available. As a temporary workaround, consider restricting access to the user profile update function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Customer Relationship Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `address` parameter in the user profile update function. **Recommendations** For Simple Customer Relationship Management System version 1.0, avoid using the `address` parameter in the user profile update function until a fix is available. Consider temporarily restricting access to the user profile update function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Customer Relationship Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `company` parameter in the user profile update function. **Recommendations** For Simple Customer Relationship Management System version 1.0, consider restricting access to the user profile update function until a fix is available. As a temporary workaround, avoid using the `company` parameter in the user profile update function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Customer Relationship Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the query parameter in the user profile update function. **Recommendations** For Simple Customer Relationship Management System version 1.0, consider restricting access to the user profile update function until a patch is available. As a temporary workaround, avoid using the query parameter in the user profile update function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Art Gallery Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. It can be exploited via the `viewid` parameter on the enquiry page. **Recommendations** For Art Gallery Management System version 1.0, consider restricting access to the enquiry page or validating and sanitizing the `viewid` parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the `viewid` parameter in the enquiry page until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Simple Customer Relationship Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `contact` parameter in the user profile update function. **Recommendations** For Simple Customer Relationship Management System version 1.0, avoid using the `contact` parameter in the user profile update function until a fix is available. Consider temporarily restricting access to the user profile update function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Art Gallery Management System Project version 1.0 **Description** A SQL injection issue was found in the product.php file, specifically via the `cid` parameter. **Recommendations** For version 1.0, avoid using the `cid` parameter in the product.php file until the issue is resolved. As a temporary workaround, consider restricting access to the product.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Art Gallery Management System Project version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `editid` parameter. **Recommendations** For Art Gallery Management System Project version 1.0, consider restricting access to the `editid` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Art Gallery Management System Project version 1.0 **Description** A reflected cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `artname` parameter under the ART TYPE option in the navigation bar. **Recommendations** For Art Gallery Management System Project version 1.0, avoid using the `artname` parameter in the affected navigation bar option until the issue is resolved. Consider temporarily restricting access to the ART TYPE option to minimize the risk of exploitation.