Ersinerenler

**Name of the Vulnerable Software and Affected Versions** Inventory Management version 1.0 **Description** The issue allows a local attacker to execute arbitrary SQL commands via the `id` parameter in the "deleteProduct.php" component. This can lead to unauthorized data access and modification. **Recommendations** For Inventory Management version 1.0, avoid using the `id` parameter in the deleteProduct.php component until a fix is available. As a temporary workaround, consider restricting access to the deleteProduct.php component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to execute arbitrary SQL commands. This is achieved by exploiting the `bid` parameter in the delete.php file. **Recommendations** For Code-Projects Blood Bank version 1.0, consider restricting access to the delete.php file until a patch is available, and avoid using the `bid` parameter in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Simple Task List version 1.0 **Description** A SQL injection issue allows attackers to obtain sensitive information by manipulating the `status` parameter in the "addTask.php" file. **Recommendations** For Code-Projects Simple Task List version 1.0, consider restricting access to the 'addTask.php' file or avoiding the use of the `status` parameter until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** phpgurukul Teacher Subject Allocation Management System version 1.0 **Description** The issue allows attackers to execute arbitrary SQL commands and obtain sensitive information. This is achieved via the `searchdata` parameter in the "index.php" file. **Recommendations** For phpgurukul Teacher Subject Allocation Management System version 1.0, consider restricting access to the `searchdata` parameter in the "index.php" file until a patch is available. As a temporary workaround, avoid using the `searchdata` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** phpgurukul Teacher Subject Allocation Management System version 1.0 **Description** The issue allows attackers to obtain sensitive information. It involves a SQL Injection vulnerability in the teacher-info.php file, where the `editid` parameter is vulnerable. **Recommendations** For phpgurukul Teacher Subject Allocation Management System version 1.0, consider restricting access to the "teacher-info.php" file until a patch is available, and avoid using the `editid` parameter in the affected API endpoint.

**Name of the Vulnerable Software and Affected Versions** phpgurukul Teacher Subject Allocation Management System version 1.0 **Description** The issue concerns a Cross Site Scripting (XSS) vulnerability. This vulnerability allows attackers to run arbitrary code via the `adminname` and `email` parameters in the profile.php file. **Recommendations** For phpgurukul Teacher Subject Allocation Management System version 1.0, consider restricting the input for the `adminname` and `email` parameters to prevent the execution of arbitrary code until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Inventory Management version V1.0 **Description** A Cross-Site Scripting (XSS) issue allows attackers to execute arbitrary code via the `pname` parameter of the "editProduct.php" component. **Recommendations** For Inventory Management version V1.0, consider restricting access to the `pname` parameter in the editProduct.php component until a patch is available. As a temporary workaround, avoid using the `pname` parameter in the affected component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Inventory Management version 1.0 **Description** The issue allows a local attacker to execute arbitrary code via the `name`, `uname`, and `email` parameters in the "registration.php" component. This is a SQL injection vulnerability. **Recommendations** For Inventory Management version 1.0, avoid using the `name`, `uname`, and `email` parameters in the registration.php component until a fix is available. As a temporary workaround, consider restricting access to the registration.php component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to execute arbitrary commands via the `reqid` parameter in the cancel.php file. This can be exploited to run unauthorized commands. **Recommendations** For Code-Projects Blood Bank version 1.0, avoid using the `reqid` parameter in the cancel.php file until a fix is available. As a temporary workaround, consider restricting access to the cancel.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** A Cross Site Scripting (XSS) issue allows attackers to execute arbitrary code by manipulating the `msg` parameter in the application URL. This could potentially lead to unauthorized actions on the affected system. **Recommendations** For Code-Projects Blood Bank version 1.0, consider restricting access to the `msg` parameter in the application URL to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to run arbitrary code via the `search` parameter in the application URL. This is due to a Cross Site Scripting (XSS) flaw in the abs.php file. **Recommendations** For Code-Projects Blood Bank version 1.0, avoid using the `search` parameter in the application URL until the issue is resolved. As a temporary workaround, consider restricting access to the abs.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to execute arbitrary SQL commands by exploiting the SQL Injection vulnerability in the receiverLogin.php file. This is achieved via the `remail` and `rpassword` parameters. **Recommendations** For Code-Projects Blood Bank version 1.0, consider validating and sanitizing user input for the `remail` and `rpassword` parameters to prevent SQL injection attacks. As a temporary workaround, restrict access to the receiverLogin.php file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to execute arbitrary SQL commands via the `remail` parameter in the receiverReg.php file. This can potentially lead to unauthorized access and manipulation of sensitive data. **Recommendations** For Code-Projects Blood Bank version 1.0, consider restricting access to the receiverReg.php file until a patch is available. As a temporary workaround, avoid using the `remail` parameter in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to run arbitrary code via the `error` parameter in the "abs.php" file. This enables attackers to execute malicious scripts, potentially leading to unauthorized actions on the affected system. **Recommendations** For Code-Projects Blood Bank version 1.0, avoid using the `error` parameter in the "abs.php" file until a patch is available. As a temporary workaround, consider restricting access to the "abs.php" file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to run arbitrary code via the `rename`, `remail`, `rphone`, and `rcity` parameters in the "updateprofile.php" file. This can lead to the execution of malicious scripts. **Recommendations** For Code-Projects Blood Bank version 1.0, consider validating and sanitizing the `rename`, `remail`, `rphone`, and `rcity` parameters in the "updateprofile.php" file to prevent arbitrary code execution. As a temporary workaround, restrict access to the "updateprofile.php" file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Code-Projects Blood Bank version 1.0 **Description** The issue allows attackers to execute arbitrary SQL commands by exploiting the SQL Injection vulnerability in the hospitalLogin.php file. This is achieved via the `hemail` and `hpassword` parameters. **Recommendations** For Code-Projects Blood Bank version 1.0, consider validating and sanitizing user input for the `hemail` and `hpassword` parameters to prevent SQL injection attacks. As a temporary workaround, restrict access to the hospitalLogin.php file until a proper fix is applied.