1337Gu

**Name of the Vulnerable Software and Affected Versions** code-projects Blood Bank System version 1.0 **Description** A vulnerability was found in the code-projects Blood Bank System, affecting unknown code of the file /Blood/A-.php. The manipulation of the `Bloodname` argument leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For code-projects Blood Bank System version 1.0, as a temporary workaround, consider restricting access to the `/Blood/A-.php` file until a patch is available. Avoid using the `Bloodname` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: code-projects Real Estate Property Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file /search.php. The manipulation of the `StateName`, `CityName`, `AreaName`, or `CatId` arguments leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Recommendations: For code-projects Real Estate Property Management System version 1.0, consider disabling the `/search.php` file or restricting access to it until a patch is available. As a temporary workaround, avoid using the `StateName`, `CityName`, `AreaName`, or `CatId` arguments in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A vulnerability has been found in the code, classified as problematic. It affects an unknown part of the file /parse/ call job search ajax.php. The manipulation of the `n` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For code-projects Job Recruitment version 1.0, consider restricting access to the `/parse/ call job search ajax.php` file until a patch is available. As a temporary workaround, avoid using the `n` argument in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** This issue affects some unknown processing of the file call job search ajax.php. The manipulation of the `job type` argument leads to cross-site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** code-projects Job Recruitment version 1.0 should apply a patch or update to fix the cross-site scripting issue in the call job search ajax.php file, specifically securing the `job type` argument to prevent remote attacks.