Hex314

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Land Record System version 1.0 **Description** A critical vulnerability exists in PHPGurukul Land Record System 1.0 due to a SQL injection issue within an unknown functionality of the file `/edit-property.php`. The `editid` argument can be manipulated to exploit this vulnerability, allowing for remote attacks. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical vulnerability has been found in the code-projects Inventory Management System, affecting the file /changeUsername.php. The manipulation of the `user id` argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Recommendations: As a temporary workaround, consider disabling the `changeUsername.php` file until a patch is available. Restrict access to the `/changeUsername.php` endpoint to minimize the risk of exploitation. Avoid using the `user id` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.