I4G5D

**Name of the Vulnerable Software and Affected Versions** code-projects Student Information System version 1.0 **Description** A security issue exists in code-projects Student Information System 1.0. The issue involves cross site scripting, potentially allowing remote execution of malicious code. Manipulation of the `firstname`/`lastname` argument in the `/profile.php` file can trigger this issue. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Student Information System version 1.0 **Description** A flaw exists in the processing of the `/searchresults.php` file within the software. Manipulation of the `searchbox` argument can lead to SQL injection. The attack can be performed remotely. An exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Fabian Ros/SourceCodester Simple E-Banking System version 1.0 **Description** A flaw in the system allows for cross-site request forgery (CSRF), a type of attack that forces an authenticated user to execute unwanted actions. This issue can be triggered remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.