Imcoming

**Name of the Vulnerable Software and Affected Versions** code-projects Online Student Management System version 1.0 **Description** A flaw exists in the Login component of the Online Student Management System. Specifically, a SQL injection issue is present in the `accounts.php` file due to manipulation of the `username` and `password` arguments. This issue can be exploited remotely. The exploit has been publicly released. **Recommendations** Apply any available updates to address the SQL injection issue in the `accounts.php` file. As a temporary workaround, restrict access to the `accounts.php` file to minimize the risk of exploitation. Sanitize the `username` and `password` parameters before using them in database queries.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Application System for Admission version 1.0 **Description** A flaw exists in the Login Endpoint of the Online Application System for Admission. This issue, related to SQL injection, affects the `enrollment/index.php` file. Successful exploitation allows remote attackers to manipulate the system. The details of the exploit have been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Examination System version 1.0 **Description** A flaw exists in the Online Examination System that allows for SQL injection through the manipulation of the `username` and `password` arguments in the login.php file. This issue can be exploited remotely. **Recommendations** Apply input validation and sanitization to the `username` and `password` parameters in the login.php file.

**Name of the Vulnerable Software and Affected Versions** code-projects Contact Management System version 1.0 **Description** A security flaw exists in the Contact Management System. The issue involves improper authentication due to manipulation of the `ID` argument within the CRUD Endpoint component. This allows for remote attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Contact Management System version 1.0 **Description** A security issue exists in code-projects Contact Management System. The problem involves the processing of the `index.py` file and manipulation of the `selecteditem[0]` argument, leading to a SQL injection. This attack can be carried out remotely. The vulnerable component is the processing of the `selecteditem[0]` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.