Bardminx

**Name of the Vulnerable Software and Affected Versions** ITSourcecode COVID Tracking System Using QR-Code version 1.0 **Description** A SQL injection issue exists in the '/cts/admin/?page=zone' file. The issue occurs because malicious code can be injected through the `id` parameter and directly used in SQL queries without proper sanitization or validation. **Recommendations** Apply appropriate cleaning or validation to the `id` parameter before using it in SQL queries.

**Name of the Vulnerable Software and Affected Versions** itsourcecode COVID Tracking System version 1.0 **Description** A weakness exists in itsourcecode COVID Tracking System version 1.0 that allows for SQL injection. The issue is located in the file `/admin/?page=user` and involves manipulation of the `Username` argument. This manipulation can be carried out remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode COVID Tracking System version 1.0 **Description** A security issue exists in itsourcecode COVID Tracking System version 1.0. The issue involves a SQL injection that can be triggered by manipulating the `meta value` argument in the file '/admin/?page=system info'. The attack can be performed remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.