Jjjjjzr

**Name of the Vulnerable Software and Affected Versions** Code-Projects Online Guitar Store version 1.0 **Description** A flaw exists in Code-Projects Online Guitar Store 1.0 related to the processing of input data. Specifically, manipulating the `L email` argument within the `/login.php` file can lead to a SQL injection. This issue is remotely exploitable, and a public exploit is available. **Recommendations** Apply input validation and sanitization to the `L email` parameter in the `/login.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Guitar Store version 1.0 **Description** A flaw exists in code-projects Online Guitar Store 1.0 that allows for SQL injection. This occurs through manipulation of the `del pro` argument within the `/admin/Delete product.php` file. The attack can be carried out remotely. The exploit has been publicly disclosed. **Recommendations** Apply any available updates or patches for code-projects Online Guitar Store version 1.0. Sanitize the `del pro` input parameter in the `/admin/Delete product.php` file to prevent SQL injection. Restrict access to the `/admin/Delete product.php` file to authorized personnel only.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Guitar Store version 1.0 **Description** A SQL injection issue exists in code-projects Online Guitar Store version 1.0. The issue is located in an unknown function within the `/admin/Create product.php` file. Manipulating the `dre title` argument can lead to SQL injection. The exploit has been publicly released and could be used for remote attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Guitar Store version 1.0 **Description** A SQL injection issue exists in code-projects Online Guitar Store version 1.0. The issue affects an unknown function within the `/admin/Create category.php` file. Manipulation of the `dre Ctitle` argument can lead to SQL injection, and the attack can be carried out remotely. The exploit has been publicly disclosed. **Recommendations** Sanitize or validate the `dre Ctitle` input to prevent SQL injection attacks. As a temporary workaround, restrict access to the `/admin/Create category.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects College Notes Uploading System version 1.0 **Description** A security issue exists in code-projects College Notes Uploading System 1.0. The manipulation of the `image` argument in an unknown function within the /dashboard/userprofile.php file allows for unrestricted file upload. Remote exploitation is possible, and the exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Refugee Food Management System version 1.0 **Description** A SQL injection issue exists due to manipulation of the `a` argument within an unknown function of the `/home/home.php` file. The attack can be carried out remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A flaw exists in the Student File Management System that allows for remote code execution. The issue is located in the file `/admin/delete user.php` and involves the manipulation of the `user id` argument, leading to a SQL injection. The exploit is publicly available. The vulnerable function is unknown. **Recommendations** Apply a fix to address the SQL injection issue in the `/admin/delete user.php` file. Sanitize the `user id` argument to prevent SQL injection attacks. As a temporary workaround, restrict access to the `/admin/delete user.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A security flaw exists in code-projects Student File Management System 1.0. The issue is related to the manipulation of the `stud id` argument in the file '/admin/delete student.php', leading to a SQL injection. This can be exploited remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Computer Book Store version 1.0 **Description** A weakness exists in Computer Book Store version 1.0 related to SQL injection. The issue is located in the `/admin delete.php` file, specifically within an unknown function. Manipulation of the `bookisbn` argument can trigger the SQL injection. The attack can be initiated remotely, and the exploit has been publicly released. **Recommendations** Apply a fix to the vulnerable function in `/admin delete.php` to prevent manipulation of the `bookisbn` argument.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A weakness exists in the processing of the `/admin/update student.php` file. Manipulation of the `stud id` argument can lead to SQL injection. The issue is remotely exploitable and an exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A flaw exists in code-projects Student File Management System 1.0, specifically within the `/admin/update user.php` file. Manipulation of the `user id` argument can lead to a SQL injection condition. Remote exploitation is possible. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A flaw exists in the Student File Management System that allows for remote manipulation of the `Username` argument in the /admin/login query.php file, potentially leading to SQL injection. The exploit has been publicly disclosed. **Recommendations** Apply updates to address the SQL injection issue in the /admin/login query.php file.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A flaw exists in the Student File Management System that allows for remote SQL injection. The issue is located in the `login query.php` file, specifically through manipulation of the `stud no` argument. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Student File Management System version 1.0 **Description** A security flaw exists in code-projects Student File Management System 1.0. The issue affects unknown code within the file '/admin/save user.php'. Manipulation of the `firstname` argument can lead to SQL injection. The attack can be carried out remotely. The exploit has been publicly released. **Recommendations** Apply a fix to address the SQL injection issue in the '/admin/save user.php' file. Sanitize the `firstname` argument to prevent SQL injection attacks. As a temporary workaround, restrict access to the '/admin/save user.php' file.

**Name of the Vulnerable Software and Affected Versions** Verysync versions 2.21.3 **Description** A flaw exists in Verysync 微力同步 version 2.21.3 within the Web Administration Module. Manipulation of the `/safebrowsing/clientreport/download?key=dummytoken` file, through an unknown function, can lead to information disclosure. This issue is remotely exploitable, and the exploit is publicly available. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Verysync versions up to 2.21.3 **Description** A security issue exists in Verysync 微力同步 versions up to 2.21.3 that allows for information disclosure. The issue is related to an unknown function within the file `/rest/f/api/resources/f96956469e7be39d` of the Web Administration Module. This manipulation can be executed remotely. The exploit has been publicly disclosed. **Recommendations** Update Verysync to a version later than 2.21.3. As a temporary workaround, restrict access to the `/rest/f/api/resources/f96956469e7be39d` file.

**Name of the Vulnerable Software and Affected Versions** Verysync versions up to 2.21.3 **Description** A flaw exists in Verysync that allows for unrestricted file upload. This impacts an unknown function within the Web Administration Module, specifically related to the file `/rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false`. The attack can be performed remotely. The exploit has been published. The vendor was contacted but did not respond. **Recommendations** Versions prior to 2.21.3 are recommended.

**Name of the Vulnerable Software and Affected Versions** Simple Food Ordering System version 1.0 **Description** A flaw exists in Simple Food Ordering System 1.0 that allows for SQL injection through manipulation of the `ID` argument in the /listorder.php file. This issue can be exploited remotely. The details of the exploit have been publicly disclosed. **Recommendations** Apply any available updates or patches for Simple Food Ordering System version 1.0. As a temporary workaround, restrict access to the /listorder.php file. Sanitize the `ID` input parameter to prevent SQL injection attacks.