Balancelee

**Name of the Vulnerable Software and Affected Versions** code-projects Public Chat Room version 1.0 **Description** A critical issue exists in code-projects Public Chat Room 1.0 related to a functionality within the `/login.php` file. Manipulation of the `Username` argument results in a SQL injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Public Chat Room version 1.0 **Description** A problematic issue exists in code-projects Public Chat Room 1.0. The issue is related to cross site scripting, triggered by manipulating the `chat msg/your name` argument within an unknown part of the `/send message.php` file. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** Sanitize the `chat msg/your name` argument in the `/send message.php` file to prevent cross site scripting.

**Name of the Vulnerable Software and Affected Versions** code-projects E-Commerce Site version 1.0 **Description** A problematic issue exists in code-projects E-Commerce Site. The issue involves cross-site request forgery, potentially allowing remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: code-projects Online Appointment Booking System version 1.0 Description: A critical issue exists in code-projects Online Appointment Booking System 1.0. The vulnerability is due to a SQL injection flaw within an unknown functionality of the `/cover.php` file. Manipulation of the `uname/psw` argument can trigger the injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.