Azeem_N

**Name of the Vulnerable Software and Affected Versions** CodeAstro University Management System version 1.0 **Description** A problematic issue was found in the Student Registration Form component, specifically in the /st reg.php file. The manipulation of the `Address` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For CodeAstro University Management System version 1.0, consider restricting access to the /st reg.php file until a patch is available. As a temporary workaround, avoid using the `Address` argument in the Student Registration Form to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CodeAstro University Management System version 1.0 **Description** A problematic vulnerability has been found in the Attendance Management component, specifically in the file /att add.php. The manipulation of the `Student Name` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For CodeAstro University Management System version 1.0, consider disabling the `Student Name` argument in the /att add.php file until a patch is available to prevent cross-site scripting attacks. Restrict access to the Attendance Management component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CodeAstro Simple Student Result Management System version 5.6 **Description** A problematic issue was found in the CodeAstro Simple Student Result Management System. This issue affects the /add classes.php file of the Add Class Page component. The manipulation of the `Class Name` argument leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For CodeAstro Simple Student Result Management System version 5.6, consider disabling the `Class Name` argument in the /add classes.php file of the Add Class Page component until a patch is available. Restrict access to the /add classes.php file to minimize the risk of exploitation. Avoid using the `Class Name` argument in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Company Visitor Management System version 1.0 **Description** A vulnerability was found in the PHPGurukul Company Visitor Management System, affecting some unknown functionality of the file search-visitor.php. The manipulation leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For PHPGurukul Company Visitor Management System version 1.0, consider disabling the affected functionality of the file search-visitor.php until a patch is available. Restrict access to the search-visitor.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Company Visitor Management System version 1.0 **Description** A critical issue was found in the PHPGurukul Company Visitor Management System, affecting an unknown functionality of the file search-visitor.php. This issue leads to sql injection and can be exploited remotely. The exploit has been disclosed to the public. **Recommendations** For PHPGurukul Company Visitor Management System version 1.0, consider disabling access to the search-visitor.php file until a patch is available to prevent sql injection attacks. Restrict remote access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Blood Bank & Donor Management version 1.0 **Description** A problematic issue was found in the software, affecting an unknown part of the file `request-received-bydonar.php`. This leads to cross site scripting and can be initiated remotely. The issue has been publicly disclosed and may be exploited. **Recommendations** For Blood Bank & Donor Management version 1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Blood Bank & Donor Management version 5.6 **Description** A critical issue has been found in the software, affecting unknown code of the file /admin/request-received-bydonar.php. This leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Blood Bank & Donor Management version 5.6, consider restricting access to the /admin/request-received-bydonar.php file until a patch is available. As a temporary workaround, avoid using this file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CodeAstro Simple House Rental System version 5.6 **Description** A problematic vulnerability was found in the Login Panel component, allowing for cross-site scripting. The attack can be launched remotely. **Recommendations** For CodeAstro Simple House Rental System version 5.6, consider disabling the Login Panel component until a patch is available. Restrict access to the Login Panel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.