Baiqiuran

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Electronic Judging System version 1.0 **Description** An issue exists in the file '/intrams/admin/login.php' where manipulation of the `Username` argument allows for SQL injection, which is a technique used to interfere with the queries that an application makes to its database. This allows for remote exploitation of the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Electronic Judging System version 1.0 **Description** A remote SQL injection exists in the '/intrams/login.php' endpoint. Manipulation of the `Username` argument allows for this attack, where SQL injection is a technique that inserts malicious SQL queries into input fields to manipulate a database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pharmacy Sales and Inventory System version 1.0 **Description** A security flaw allows remote attackers to perform SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. The issue exists in an unknown function within the '/ajax.php?action=save sales' endpoint when manipulating the `ID` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pharmacy Sales and Inventory System version 1.0 **Description** A SQL injection flaw exists that allows remote attackers to execute malicious queries. The issue is located in an unknown function within the '/ajax.php?action=save receiving' endpoint, specifically through the manipulation of the `ID` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.