Amit_Singh

**Name of the Vulnerable Software and Affected Versions** SourceCodester Inventory Management System version 1.0 **Description** A security issue exists in SourceCodester Inventory Management System version 1.0 related to csv injection. The issue is located in an unknown function of the SVC Report Export component and can be exploited remotely. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Inventory Management System version 1.0 **Description** A weakness exists in SourceCodester Inventory Management System 1.0 that could allow for weak password recovery. The issue is related to an unknown function within the `/model/user/resetPassword.php` file. This could be exploited remotely. The exploit has been made publicly available. **Recommendations** Apply a fix to the `/model/user/resetPassword.php` file to address the weak password recovery issue.