Drunkbaby

**Name of the Vulnerable Software and Affected Versions** WinMail versions 5.1 and earlier WinMail version 7.1 **Description** An issue allows a remote attacker to execute arbitrary code via a crafted script to the `email` parameter. **Recommendations** For WinMail versions 5.1 and earlier, update to a version later than 5.1 to resolve the issue. For WinMail version 7.1, update to a version later than 7.1 to resolve the issue. As a temporary workaround, consider restricting access to the `email` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Sanitization Management System (affected versions not specified) **Description** A critical issue affects the processing of the file /php-sms/?p=services/view service, where the manipulation of the `id` argument leads to sql injection. The attack can be initiated remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Sanitization Management System (affected versions not specified) **Description** A problematic issue has been found in the system, affecting an unknown function of the file /php-sms/admin/. The manipulation of the `page` argument leads to cross-site scripting. It is possible to launch the attack remotely. The issue has been disclosed to the public and may be used. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Simple Task Managing System (affected versions not specified) **Description** A problematic vulnerability was found in the SourceCodester Simple Task Managing System, affecting unknown code. The manipulation of the `student add` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Gas Agency Management System (affected versions not specified) **Description** A critical issue was found in the SourceCodester Gas Agency Management System, affecting an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the `shell` argument leads to unrestricted upload. This issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Loan Management System (affected versions not specified) **Description** A critical issue affects some unknown functionality of the file /index.php. The manipulation of the `password` argument leads to SQL injection. The attack can be launched remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Admission System (affected versions not specified) **Description** A problematic vulnerability has been found in the SourceCodester Online Admission System, affecting the /index.php file. The manipulation of the `student add` argument leads to cross-site scripting. This issue can be exploited remotely. The vulnerability may allow an attacker to conduct a cross-site scripting (XSS) attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.