Hemantrajbhati5555

**Name of the Vulnerable Software and Affected Versions** SourceCodester Ship Ferry Ticket Reservation System versions prior to 1.1 **Description** An issue exists in the Admin Login component within the '/admin/login.php' endpoint. Remote manipulation of the `Username` argument allows for SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. **Recommendations** Update the system to a version later than 1.0. As a temporary workaround, restrict access to the '/admin/login.php' endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Ship Ferry Ticket Reservation System version 1.0 **Description** An improper authorization issue exists in the `/admin/` file. Manipulation of the `page` argument allows for remote exploitation. **Recommendations** Avoid using the `page` argument in the `/admin/` file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Boat Reservation System version 1.0 **Description** Improper authorization exists within the Administrative Endpoint component. This issue allows a remote attacker to manipulate the system due to a failure in correctly verifying user permissions. Multiple endpoints are affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions SourceCodester Leave Application System version 1.0 Description A vulnerability exists in SourceCodester Leave Application System 1.0 that allows authorization bypass. This is due to manipulation of the `ID` argument in the `/index.php?page=manage user` endpoint of the User Information Handler component. The attack can be executed remotely, and the exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/index.php?page=manage user` endpoint.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Leave Application System version 1.0 **Description** A file inclusion issue exists in SourceCodester Leave Application System. Exploitation involves manipulating the `page` argument, potentially allowing for remote code execution. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Leave Application System version 1.0 **Description** A security issue exists in the User Management Handler component of SourceCodester Leave Application System. This issue allows for cross site scripting, potentially enabling remote attacks. The details of the exploit have been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Website Link Extractor version 1.0 **Description** A server-side request forgery condition exists in the URL Handler component’s `file get contents()` function. This allows for remote initiation of attacks. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.