Shafuq31

Name of the Vulnerable Software and Affected Versions: Fullaspsite ASP Hosting Site (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `cat` parameter in the listmain.asp file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Metyus Okul Yonetim Sistemi version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `kullanici ismi` and `sifre` parameters in the uye giris islem.asp file. **Recommendations** For Metyus Okul Yonetim Sistemi version 1.0, consider restricting access to the uye giris islem.asp file until a patch is available. As a temporary workaround, avoid using the `kullanici ismi` and `sifre` parameters in the affected file to minimize the risk of exploitation.