Ysi6701

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Laundry System version 1.0 **Description** A SQL injection issue exists in code-projects Simple Laundry System version 1.0. The issue is related to the manipulation of the `serviceId` parameter within the `/viewdetail.php` file and its Parameters Handler component. This allows for remote exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple Laundry System version 1.0 **Description** A security flaw exists in Simple Laundry System version 1.0 related to SQL injection. The issue is located in the `/checkupdatestatus.php` file within the Parameters Handler component. Manipulation of the `serviceId` parameter can lead to SQL injection. The exploit has been publicly released and may be used for attacks. The vulnerable function is unknown. **Recommendations** Simple Laundry System version 1.0: Address the SQL injection issue by sanitizing or validating the `serviceId` parameter before using it in database queries. As a temporary workaround, consider restricting access to the `/checkupdatestatus.php` file until a fix is available.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Laundry System version 1.0 **Description** A flaw exists in code-projects Simple Laundry System 1.0, specifically within the Parameters Handler component. The issue involves SQL injection, triggered by manipulating the `Username` argument in the `/checklogin.php` file. This manipulation can be carried out remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Free Hotel Reservation System version 1.0 **Description** A security flaw exists in itsourcecode Free Hotel Reservation System version 1.0. The issue involves a SQL injection impacting an unknown function within the file `/hotel/admin/mod amenities/index.php?view=edit`. Manipulation of the `amen id`/`rmtype id` argument can trigger the SQL injection. The attack is possible remotely, and an exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.