J3Rrybl4Nks

**Name of the Vulnerable Software and Affected Versions** eLection version 2.0 **Description** The software contains an authenticated SQL injection issue in the candidate management endpoint. Attackers can manipulate database queries through the `id` parameter. Exploitation can be performed using SQLMap, potentially leading to remote code execution by uploading backdoor files to the web application directory. The API endpoint affected is the candidate management endpoint. **Recommendations** Apply input validation and parameterized queries to the `id` parameter in the candidate management endpoint.

**Name of the Vulnerable Software and Affected Versions** phpMyChat Plus version 1.98 **Description** The software contains a SQL injection issue in the 'deluser.php' page. This allows manipulation of database queries through the `pmc username` parameter. Attackers can use boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database information by crafting malicious payloads in the `username` field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CandidATS version 2.1.0 **Description** The issue allows for an administrator account to be added via the "index.php?m=settings&a=addUser" URI, due to a CSRF vulnerability. This enables potential unauthorized access to the system. **Recommendations** For CandidATS version 2.1.0, as a temporary workaround, consider restricting access to the "index.php?m=settings&a=addUser" URI to prevent unauthorized administrator account additions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SOPlanning version 1.45 **Description** The issue allows for a CSRF attack, enabling arbitrary user creation via the "process/xajax server.php" API endpoint. **Recommendations** For SOPlanning version 1.45, consider restricting access to the "process/xajax server.php" endpoint to minimize the risk of exploitation. As a temporary workaround, review and limit user creation permissions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ICE Hrm version 26.2.0 **Description** The issue allows for CSRF, leading to unauthorized password reset through the "service.php" endpoint. **Recommendations** For ICE Hrm version 26.2.0, update to a version that includes a fix for this issue, as no specific workaround is provided.

**Name of the Vulnerable Software and Affected Versions** ICE Hrm version 26.2.0 **Description** The issue allows for CSRF, leading to unauthorized user creation. This occurs via the "service.php" endpoint. **Recommendations** For ICE Hrm version 26.2.0, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SoPlanning version 1.45 **Description** The issue concerns SQL Injection in the OrderBy clause. This is demonstrated through the `projets.php` endpoint with specific parameters, such as `order=nom createur` and `by=substring`. **Recommendations** For SoPlanning version 1.45, consider restricting access to the `projets.php` endpoint until a patch is available, or apply input validation and sanitization to the `order` and `by` parameters to prevent SQL Injection attacks.

**Name of the Vulnerable Software and Affected Versions** phpMyChat-Plus version 1.98 **Description** The issue concerns multiple SQL injections against the Delete User functionality in the deluser.php file, as demonstrated by the `pmc username` variable. **Recommendations** For phpMyChat-Plus version 1.98, consider disabling the Delete User functionality in deluser.php until a patch is available to prevent potential SQL injection attacks. Restrict access to the deluser.php file to minimize the risk of exploitation. Avoid using the `pmc username` variable in the affected functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SOPlanning version 1.45 **Description** The issue allows for a CSRF attack, enabling arbitrary changes to the admin password through the "process/xajax server.php" endpoint. **Recommendations** For SOPlanning version 1.45, consider restricting access to the "process/xajax server.php" endpoint to minimize the risk of exploitation. As a temporary workaround, implement CSRF protection measures until a patch is available.

**Name of the Vulnerable Software and Affected Versions** School Management Software PHP/mySQL through 2019-03-14 **Description** The issue allows an attacker to add an administrative user via a CSRF attack on the office admin/?action=addadmin endpoint. **Recommendations** For School Management Software PHP/mySQL through 2019-03-14, update to a version released after 2019-03-14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** School Management Software PHP/mySQL through 2019-03-14 **Description** The issue allows an attacker to delete a user via a CSRF attack on the office admin/?action=deleteadmin endpoint. **Recommendations** For School Management Software PHP/mySQL through 2019-03-14, update to a version released after 2019-03-14 to resolve the issue. As a temporary workaround, consider implementing CSRF protection measures to prevent unauthorized requests to the office admin/?action=deleteadmin endpoint.