111Ctx

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple To-Do List System version 1.0 Description: A weakness exists in SourceCodester Simple To-Do List System that allows for cross site scripting. The issue is located in the `/fetch tasks.php` file, within the Add New Task component, and involves manipulation of input. Specifically, providing the input `<script>alert('XSS')</script>` can trigger the vulnerability. The exploit has been made publicly available and could be exploited remotely. Recommendations: As a temporary workaround, consider restricting or disabling the Add New Task component until a fix is available. Sanitize all user-supplied input before using it in the `/fetch tasks.php` file.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pet Grooming Management Software version 1.0 **Description** A vulnerability exists in SourceCodester Pet Grooming Management Software that allows for unrestricted file upload through manipulation of an unknown functionality within the `/admin/profile.php` file. This issue can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, restrict access to the `/admin/profile.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pet Grooming Management Software version 1.0 **Description** A security flaw has been discovered that allows for unrestricted file upload through manipulation of unknown code within the `manage website.php` file. This issue is remotely exploitable and the exploit has been publicly released. **Recommendations** As a temporary workaround, restrict access to the `manage website.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** code-projects Responsive Blog Site version 1.0 **Description** A weakness exists in code-projects Responsive Blog Site 1.0, affecting an unknown function within the `blogs view.php` file. Manipulation of the `product code`, `gen name`, `product name`, or `supplier` argument can lead to cross site scripting. This issue is potentially exploitable remotely, and an exploit has been publicly released. **Recommendations** As a temporary workaround, consider restricting or sanitizing the `product code`, `gen name`, `product name`, and `supplier` arguments to prevent manipulation. Disable or restrict access to the `blogs view.php` file until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Fruit Shop Management System version 1.0 **Description** A cross-site scripting issue exists in the Fruit Shop Management System. The vulnerability is located in the `products.php` file and involves manipulation of the `product code`, `gen name`, `product name`, or `supplier` parameters. This allows for remote attacks. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `products.php` file to minimize the risk of exploitation. Avoid using the `product code`, `gen name`, `product name`, and `supplier` parameters in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects POS Pharmacy System version 1.0 **Description** A weakness exists in code-projects POS Pharmacy System 1.0, potentially leading to cross-site scripting. The issue is related to the manipulation of the `product code`, `gen name`, `product name`, or `supplier` arguments within an unknown function of the `/main/products.php` file. This manipulation can be initiated remotely. The exploit has been made publicly available. **Recommendations** As a temporary workaround, consider restricting access to the `/main/products.php` file to minimize the risk of exploitation. Sanitize the `product code`, `gen name`, `product name`, and `supplier` arguments before processing them within the affected function.

**Name of the Vulnerable Software and Affected Versions** code-projects Mobile Shop Management System version 1.0 **Description** A security issue has been identified in code-projects Mobile Shop Management System version 1.0. The vulnerability involves unrestricted upload capabilities due to the manipulation of the `ProductImage` argument within the file `AddNewProduct.php`. This issue is exploitable remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting file uploads through the `AddNewProduct.php` file until a fix is available.