Burak

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Directory Management System version 1.0 **Description** A critical issue affects the processing of the file /admin/index.php, where the manipulation of the `username` argument leads to SQL injection. The attack can be initiated remotely. **Recommendations** For PHPGurukul Directory Management System version 1.0, as a temporary workaround, consider restricting access to the /admin/index.php file until a patch is available. Avoid using the `username` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Event Registration System version 1.0 **Description** A vulnerability was found in the system, affecting an unknown functionality of the file "/registrar/?page=registration". The manipulation of the argument `e` leads to cross site scripting. The attack can be launched remotely. **Recommendations** For SourceCodester Event Registration System version 1.0, as a temporary workaround, consider restricting access to the "/registrar/?page=registration" endpoint until a patch is available. Avoid using the argument `e` in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SourceCodester Event Registration System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file "/registrar/?page=registration". The manipulation of the `e` argument leads to SQL injection. It is possible to launch the attack remotely. Recommendations: For SourceCodester Event Registration System version 1.0, as a temporary workaround, consider restricting access to the "/registrar/?page=registration" endpoint until a patch is available. Avoid using the `e` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SourceCodester Event Registration System version 1.0 Description: A critical issue affects the processing of the file /classes/Master.php?f=load registration, where the manipulation of the argument `last id/event id` leads to sql injection. The attack can be initiated remotely. Recommendations: For SourceCodester Event Registration System version 1.0, consider restricting access to the `last id` and `event id` arguments in the /classes/Master.php?f=load registration file to minimize the risk of sql injection exploitation. As a temporary workaround, avoid using the `last id` and `event id` arguments in the affected file until a patch is available.

Name of the Vulnerable Software and Affected Versions: SourceCodester Event Registration System version 1.0 Description: A critical issue has been found in the system, affecting the /admin/login.php file. The manipulation of the `username` and `password` arguments leads to SQL injection. The attack can be initiated remotely. Recommendations: For SourceCodester Event Registration System version 1.0, consider temporarily restricting access to the /admin/login.php file until a patch is available. As a mitigation measure, avoid using the `username` and `password` arguments in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Directory Management System version 1.0 **Description** A problematic issue was found in the Searchbar component of the file /admin/admin-profile.php, leading to cross site scripting. The attack can be launched remotely. **Recommendations** For PHPGurukul Directory Management System version 1.0, consider restricting access to the /admin/admin-profile.php file until a fix is available. Avoid using the Searchbar component in this version to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Directory Management System version 1.0 **Description** A problematic issue has been found in the PHPGurukul Directory Management System, affecting an unknown function of the file /admin/search-directory.php. This issue leads to cross-site scripting and can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** For PHPGurukul Directory Management System version 1.0, consider disabling access to the /admin/search-directory.php file until a patch is available. Restrict input to prevent cross-site scripting attacks. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Electricity Consumption Monitoring Tool version 1.0 **Description** A critical issue has been identified, affecting the /endpoint/delete-bill.php file. The manipulation of the `bill` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For SourceCodester Electricity Consumption Monitoring Tool version 1.0, consider restricting access to the /endpoint/delete-bill.php endpoint until a patch is available. As a temporary workaround, avoid using the `bill` argument in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Event Registration System version 1.0 **Description** A problematic issue has been found in the system, affecting an unknown part of the file /registrar/. The manipulation of the `searchbar` argument leads to cross-site scripting. It is possible to initiate the attack remotely. **Recommendations** For SourceCodester Event Registration System version 1.0, consider disabling the `searchbar` argument in the /registrar/ file as a temporary workaround until a patch is available. Restrict access to the /registrar/ file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Event Registration System version 1.0 **Description** A critical issue affects some unknown functionality of the file /registrar/. The manipulation of the `search` argument leads to SQL injection. The attack may be launched remotely. **Recommendations** For SourceCodester Event Registration System version 1.0, as a temporary workaround, consider restricting access to the /registrar/ file until a patch is available. Avoid using the `search` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Best House Rental Management System, affecting the file login.php. The manipulation of the `username` and `password` arguments leads to SQL injection. The attack can be initiated remotely. Recommendations: For SourceCodester Best House Rental Management System version 1.0, as a temporary workaround, consider restricting access to the login.php file until a patch is available. Avoid using the `username` and `password` arguments in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A critical issue affects the processing of the file view payment.php. The manipulation of the `id` argument leads to SQL injection. The attack may be initiated remotely. Recommendations: For SourceCodester Best House Rental Management System version 1.0, consider disabling the `id` parameter in the view payment.php file as a temporary workaround until a patch is available. Restrict access to the view payment.php file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration System version 3.1 Description: A critical vulnerability has been found in the PHPGurukul Online Course Registration System. The issue is related to the manipulation of the `regno` argument, which leads to SQL injection. This can be exploited remotely. Recommendations: For PHPGurukul Online Course Registration System version 3.1, consider restricting access to the `/onlinecourse/` endpoint until a patch is available. As a temporary workaround, avoid using the `regno` argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration System version 3.1 Description: A critical issue affects the processing of the file news-details.php, where the manipulation of the `nid` argument leads to SQL injection. This issue can be initiated remotely. Recommendations: For PHPGurukul Online Course Registration System version 3.1, consider restricting access to the news-details.php file until a fix is available, and avoid using the `nid` argument in this context to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration System version 3.1 Description: A critical vulnerability was found in the PHPGurukul Online Course Registration System, affecting an unknown functionality of the file /pincode-verification.php. The manipulation of the `pincode` argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Recommendations: For PHPGurukul Online Course Registration System version 3.1, consider disabling the /pincode-verification.php file or restricting access to it until a patch is available. Avoid using the `pincode` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration System version 3.1 Description: A critical issue has been identified, affecting the /admin/index.php file. The manipulation of the `username` and `password` arguments leads to SQL injection. This issue can be exploited remotely. Recommendations: For PHPGurukul Online Course Registration System version 3.1, consider restricting access to the /admin/index.php file until a fix is available, and avoid using the `username` and `password` arguments in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** code-projects Budget Management version 1.0 **Description** A critical vulnerability was found in the code-projects Budget Management software. The issue affects an unknown functionality of the file /index.php. The manipulation of the `edit` argument leads to SQL injection. The attack can be launched remotely. **Recommendations** For version 1.0, patch immediately and review logs for signs of compromise. As a temporary workaround, consider restricting access to the `/index.php` file until a patch is available. Avoid using the `edit` argument in the affected API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A problematic issue was found in the code-projects Simple Chat System, affecting an unknown function of the file /register.php. The manipulation of the `name` argument leads to cross-site scripting. It is possible to launch the attack remotely. Recommendations: For code-projects Simple Chat System version 1.0, consider disabling the affected function in the /register.php file until a patch is available. Restrict access to the /register.php file to minimize the risk of exploitation. Avoid using the `name` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Interactive Map with Marker version 1.0 **Description** A critical issue has been found, affecting an unknown functionality of the file /endpoint/delete-mark.php. The manipulation of the `mark` argument leads to SQL injection. The attack can be launched remotely. **Recommendations** For version 1.0, as a temporary workaround, consider restricting access to the /endpoint/delete-mark.php endpoint until a patch is available. Avoid using the `mark` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Interactive Map with Marker version 1.0 **Description** A problem was found in the file Marker Name of the component Add Marker, which can lead to cross site scripting. The issue can be exploited remotely. **Recommendations** For version 1.0, consider disabling the Add Marker component until a fix is available to prevent cross site scripting attacks.