Daminqaq

**Name of the Vulnerable Software and Affected Versions** code-projects Online Event Judging System version 1.0 **Description** A flaw exists in code-projects Online Event Judging System that allows for SQL injection. This issue is related to the `/add judge.php` file and manipulation of the `fullname` argument. The attack can be initiated remotely and an exploit is publicly available. **Recommendations** Apply a fix to the `/add judge.php` file to prevent manipulation of the `fullname` argument.

**Name of the Vulnerable Software and Affected Versions** code-projects Automated Voting System version 1.0 **Description** A flaw exists in code-projects Automated Voting System that allows for remote execution of SQL injection attacks. The issue is located in the file `/admin/add candidate modal.php`. Specifically, manipulating the `firstname` argument can lead to a successful exploit. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.