Inmoyang

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Clinic Management System version 1.0 **Description** A flaw exists in itsourcecode Online Clinic Management System version 1.0. The issue involves the potential for SQL injection through manipulation of the `ID` argument in a request to the `/details.php?action=post` file. This could allow for remote exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** htmly versions up to 3.1.0 **Description** A security issue has been identified in htmly. Manipulation of the `label` argument in an unknown function within the file `/htmly/admin/field/post` of the Custom Field Handler component can lead to cross-site scripting. This attack can be launched remotely. The vulnerability has been publicly disclosed. **Recommendations** Versions prior to 3.1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.