L0Ser

**Name of the Vulnerable Software and Affected Versions** code-projects Content Management System version 1.0 **Description** A flaw exists in code-projects Content Management System that involves the processing of the `/admin/delete.php` file. Manipulation of the `del` argument within this file can lead to SQL injection. This issue can be exploited remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Content Management System version 1.0 **Description** A security issue exists in code-projects Content Management System. The manipulation of the `image` argument in a file, /admin/edit posts.php, allows for unrestricted file upload. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Content Management System version 1.0 **Description** A flaw exists in code-projects Content Management System that allows for SQL injection. The issue is located in the `/pages.php` file, specifically through manipulation of the `ID` argument within an unknown function. This allows for remote exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Music Site version 1.0 **Description** A flaw exists in code-projects Online Music Site version 1.0 that allows for SQL injection. The issue is located in the `/Frontend/ViewSongs.php` file, specifically through manipulation of the `ID` argument within an unknown function. This allows for remote exploitation. The exploit has been published. **Recommendations** Apply a fix to address the SQL injection issue in the `/Frontend/ViewSongs.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Music Site version 1.0 **Description** A flaw exists in code-projects Online Music Site 1.0 that allows for SQL injection. The issue is located in the `/Frontend/AlbumByCategory.php` file, specifically through manipulation of the `ID` argument. This allows for remote attacks. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Music Site version 1.0 **Description** A flaw exists in code-projects Online Music Site 1.0 where manipulation of the `fname` argument in the /Frontend/Feedback.php file can lead to SQL injection. This issue can be exploited remotely. The exploit has been publicly released. **Recommendations** Apply input validation and sanitization to the `fname` argument in the /Frontend/Feedback.php file.