Xuyue

A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/application status.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /admin/jobs-admins/delete-jobs.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Food Order System version 1.0 **Description** A security flaw exists in code-projects Simple Food Order System version 1.0. The issue resides in the Parameter Handler component, specifically within the file `/all-tickets.php`. Manipulation of the `Status` argument can lead to SQL injection. This attack can be initiated remotely. The exploit has been publicly released. **Recommendations** Apply any available updates or patches for code-projects Simple Food Order System version 1.0. As a temporary workaround, restrict access to the `/all-tickets.php` file. Sanitize the `Status` parameter before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** Simple Food Order System version 1.0 **Description** A flaw exists in Simple Food Order System 1.0 related to the handling of parameters. Specifically, manipulating the `Name` argument can lead to SQL injection. This issue affects an unknown function within the `register-router.php` file of the Parameter Handler component and can be exploited remotely. The exploit code is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Food Order System version 1.0 **Description** A security issue exists in code-projects Simple Food Order System version 1.0 related to SQL injection. The issue is located in the `all-orders.php` file within the Parameter Handler component. Manipulation of the `Status` parameter can lead to a successful SQL injection attack. The attack can be initiated remotely, and details of the exploit have been publicly disclosed. **Recommendations** Apply a fix to address the SQL injection issue in the `all-orders.php` file, specifically related to the `Status` parameter.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Food Order System version 1.0 **Description** A flaw exists in code-projects Simple Food Order System 1.0 that allows for SQL injection. This issue is located in an unknown functionality within the `/routers/add-item.php` file. Manipulation of the `price` argument can lead to successful exploitation. The attack can be initiated remotely, and a public exploit is available. **Recommendations** Apply a fix or patch for code-projects Simple Food Order System version 1.0 to address the SQL injection issue in the `/routers/add-item.php` file.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A SQL injection issue exists in Simple Flight Ticket Booking System version 1.0. The issue is located in the `SearchResultOneway.php` file and involves manipulation of the `from` argument. This allows for remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Flight Ticket Booking System version 1.0 **Description** A flaw exists in Simple Flight Ticket Booking System version 1.0, specifically within the SearchResultRoundtrip.php file. Manipulation of input provided to the application through the `results` argument can lead to SQL injection. This issue can be exploited remotely. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Reviewer System version 1.0 **Description** A security flaw exists in code-projects Online Reviewer System 1.0. The issue involves a SQL injection resulting from manipulation of the `ID` argument within an unknown function of the file `/reviewer/system/system/admins/manage/users/user-delete.php`. The attack can be initiated remotely. The exploit has been released publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Social Networking Site version 1.0 **Description** A security flaw exists in code-projects Social Networking Site 1.0. The issue is related to SQL injection in an unknown function within the /delete post.php file. Manipulating the `ID` argument can trigger the injection. This can be initiated remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.