Fullshade

**Name of the Vulnerable Software and Affected Versions** FTPGetter Professional version 5.97.0.223 **Description** The issue is related to a memory corruption bug that can occur when a user sends a specially crafted string to the application. This bug may be classified as a NULL pointer dereference. **Recommendations** For FTPGetter Professional version 5.97.0.223, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Hostel Management System version 2.0 **Description** The issue allows SQL injection via the `id` parameter in the "full-profile.php" file. This could potentially be exploited to extract or modify sensitive data. **Recommendations** For PHPGurukul Hostel Management System version 2.0, consider restricting access to the "full-profile.php" file or validating and sanitizing the `id` parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the `id` parameter in the affected file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Hospital Management System in PHP version 4.0 **Description** The issue concerns multiple Persistent XSS vulnerabilities. **Recommendations** For version 4.0, update to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Hospital Management System version 4.0 **Description** The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities arise because multiple pages and parameters within the application do not properly validate user input. As a result, the application's database and information can be fully compromised. **Recommendations** For PHPGurukul Hospital Management System version 4.0, consider implementing proper input validation and sanitization for all user-input parameters to prevent SQL injection attacks. Additionally, restrict access to sensitive database information and ensure that all database interactions are securely handled. At the moment, there is no information about a newer version that contains a fix for this vulnerability.