Wanyan

**Name of the Vulnerable Software and Affected Versions** itsourcecode Agri-Trading Online Shopping System version 1.0 **Description** A flaw exists within the Agri-Trading Online Shopping System that allows for SQL injection. This issue stems from manipulating the `Product` argument within an HTTP POST request handler located in the file `admin/productcontroller.php`. The attack can be initiated remotely. The exploit has been publicly released. **Recommendations** Apply input validation and sanitization to the `Product` argument in the `admin/productcontroller.php` file to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Vehicle Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode Vehicle Management System. A manipulation of the `ID` argument in the `/billaction.php` file can lead to SQL injection. The attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Event Management System version 1.0 **Description** A flaw exists in itsourcecode Event Management System version 1.0 that allows for remote code execution. The issue is located in the `/admin/manage user.php` file, specifically within an unknown function. Manipulation of the `ID` parameter can lead to SQL injection. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode News Portal Project version 1.0 **Description** A flaw exists in the Administrator Login component of itsourcecode News Portal Project 1.0, specifically within the file '/admin/index.php'. Manipulation of the `email` argument can lead to SQL injection. This issue can be exploited remotely. The exploit has been published. The vulnerable code is unknown. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.