Jack_Bonn

Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A security issue exists in itsourcecode Student Information Management System 1.0. Manipulation of the `ID` argument in the file `/admin/modules/room/index.php` can lead to SQL injection. The attack can be performed remotely. The exploit has been publicly disclosed. Recommendations: As a temporary workaround, consider restricting access to the file `/admin/modules/room/index.php` until a fix is available. Avoid using the `ID` parameter in the affected file `/admin/modules/room/index.php` until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A security flaw exists in itsourcecode Student Information Management System 1.0. The issue involves SQL injection stemming from the manipulation of the `ID` argument within an unknown function of the file `/admin/modules/instructor/index.php`. This attack can be executed remotely. The exploit has been released to the public. Recommendations: As a temporary workaround, consider restricting access to the file `/admin/modules/instructor/index.php` to minimize the risk of exploitation. Avoid using the parameter `ID` in the affected file `/admin/modules/instructor/index.php` until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A weakness exists in itsourcecode Student Information Management System 1.0. The issue involves SQL injection caused by manipulation of the `ID` argument within an unknown function of the file `/admin/modules/department/index.php`. This manipulation is possible remotely. The exploit has been made publicly available. Recommendations: As a temporary workaround, consider restricting access to the file `/admin/modules/department/index.php` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Student Information Management System version 1.0 **Description** A SQL injection issue exists in the file `/admin/modules/subject/index.php` due to manipulation of the `ID` argument. The attack can be launched remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Student Information Management System version 1.0 **Description** A security flaw exists in itsourcecode Student Information Management System 1.0. Manipulation of the `ID` argument in the file `/admin/modules/course/index.php` can lead to SQL injection. Remote exploitation is possible. The exploit has been released to the public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Apartment Management System version 1.0 **Description** A SQL injection issue exists due to the manipulation of the `user id` argument in an unknown function within the /ajax/updateProfile.php file. This allows for remote exploitation. The exploit has been made public. **Recommendations** As a temporary workaround, consider restricting access to the /ajax/updateProfile.php file until a fix is available. Avoid using the `user id` parameter in the affected file until the issue is resolved.