Lakshayyverma

**Name of the Vulnerable Software and Affected Versions** code-projects E-Banking System version 1.0 **Description** A security issue exists in the E-Banking System. The flaw is located within the `/register.php` script, which handles POST requests. Manipulation of the `username` or `password` parameters can lead to SQL injection. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Hospital Management System version 1.0 **Description** A flaw exists in the session function of the express-session component in code-projects Hospital Management System version 1.0. This issue involves manipulation of the `secret` argument, leading to the use of a hard-coded cryptographic key. The attack can be initiated remotely and is considered to have high complexity, with difficult exploitability. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.