125Hzb

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A SQL injection issue exists in an unknown functionality of the file `/util/MonthTotalReportUpdateFunction.php`. Manipulating the `BRANCH ID` argument can trigger the injection. The attack can be carried out remotely, and the exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/util/MonthTotalReportUpdateFunction.php` file.

Name of the Vulnerable Software and Affected Versions code-projects Vehicle Showroom Management System version 1.0 Description A flaw exists in an unknown functionality of the file `/util/BookVehicleFunction.php`. Manipulation of the `BRANCH ID` argument can lead to SQL injection. The attack can be performed remotely and an exploit has been published. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions code-projects Vehicle Showroom Management System version 1.0 Description A flaw exists in code-projects Vehicle Showroom Management System 1.0, specifically within the `/util/RegisterCustomerFunction.php` file. Manipulation of the `BRANCH ID` argument can lead to SQL injection. This issue is remotely exploitable and an exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability.