Projectworlds · Projectworlds Online Ordering Food System · CVE-2026-2136
**Name of the Vulnerable Software and Affected Versions**
projectworlds Online Food Ordering System version 1.0
**Description**
A flaw exists in projectworlds Online Food Ordering System version 1.0, specifically within an unknown function of the `/view-ticket.php` file. Manipulation of the `ID` argument can lead to SQL injection, allowing for remote attacks. The exploit for this issue has been published.
**Recommendations**
Apply any available updates or patches for projectworlds Online Food Ordering System version 1.0.
As a temporary workaround, restrict or disable access to the `/view-ticket.php` file.
Sanitize the `ID` parameter before using it in any database queries.
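
One way to apply the last recommendation, as an added example that is not the project's own code: validate `ID` as a positive integer, then bind it in a prepared statement rather than building the query from request text. The integer ID format, the `tickets` table and its columns, the helper function names, and the database credentials are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example. Hypothetical names throughout: parse_ticket_id(), fetch_ticket(),
// the `tickets` table with `id`, `subject`, `body`, and the DB credentials.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // fail loudly, never silently

/** Return the request's ID as a positive integer, or null if it is not one. */
function parse_ticket_id(array $query): ?int
{
    $raw = $query['ID'] ?? null;
    if (!is_string($raw)) {
        return null; // missing, or an array such as ?ID[]=1
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one ticket with a bound parameter; the value never becomes SQL text. */
function fetch_ticket(mysqli $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, subject, body FROM tickets WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

$id = parse_ticket_id($_GET);
if ($id === null) {
    http_response_code(400); // reject before any database work happens
    exit('Invalid ticket ID');
}

$db = new mysqli('localhost', 'app_user', 'app_password', 'food_ordering'); // placeholders
$ticket = fetch_ticket($db, $id);
if ($ticket === null) {
    http_response_code(404);
    exit('Ticket not found');
}

// Encode on output so stored ticket text cannot inject markup into the page.
echo htmlspecialchars($ticket['subject'], ENT_QUOTES, 'UTF-8');
```

Input validation and parameter binding are independent layers here: the bound parameter is what prevents injection, and the integer check keeps malformed requests from reaching the database at all.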