Gailo

Name of the Vulnerable Software and Affected Versions: code-projects Online Medicine Guide version 1.0 Description: A vulnerability has been found in code-projects Online Medicine Guide 1.0. The manipulation of the argument `deName` in the file `/addelivery.php` leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public. Recommendations: As a temporary workaround, consider restricting access to the `/addelivery.php` file to minimize the risk of exploitation. Avoid using the parameter `deName` in the affected API endpoint `/addelivery.php` until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: code-projects Online Medicine Guide version 1.0 Description: A vulnerability exists due to SQL injection. The issue is related to unknown processing of the file `/adphar.php`. Manipulation of the `phuname` argument leads to SQL injection and may be initiated remotely. The exploit has been disclosed to the public. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 1000 Projects Daily College Class Work Report Book version 1.0 **Description** A critical vulnerability has been found in the software. The issue affects an unknown function of the file /dcwr entry.php. Manipulation of the `Date` argument leads to SQL injection, allowing for remote attacks. The exploit has been publicly disclosed and may be used. **Recommendations** As a temporary workaround, consider disabling the affected function in the /dcwr entry.php file until a patch is available. Restrict access to the /dcwr entry.php file to minimize the risk of exploitation. Avoid using the `Date` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.