Diy777

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Hotel Reservation System version 1.0 **Description** A SQL injection issue exists in SourceCodester Online Hotel Reservation System version 1.0. The issue is located in the file `/admin/updateaddress.php`. Manipulation of the `address` argument within an unknown function can lead to SQL injection. The exploit is publicly available and may be used to launch attacks remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RemoteClinic versions up to 2.0 **Description** A vulnerability exists in RemoteClinic that affects the processing of the file `/patients/edit-patient.php`. Manipulation of the `Email` argument leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RemoteClinic versions up to 2.0 **Description** A vulnerability exists in RemoteClinic that allows for unrestricted file upload. The issue is located in the `/staff/edit-my-profile.php` file, impacting an unknown function. The `image` argument can be manipulated to achieve this. The attack can be launched remotely, and the exploit has been made public. **Recommendations** RemoteClinic versions prior to 2.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.