Li_12138

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical issue has been found in the code-projects Job Recruitment software. The problem affects an unknown functionality of the file admin.php. The manipulation of the `userid` argument leads to SQL injection. This issue can be exploited remotely. There is a potential for unauthenticated remote code execution via the `userid` in admin.php. **Recommendations** For code-projects Job Recruitment version 1.0, patch immediately and review logs for signs of exploitation. As a temporary workaround, consider restricting access to the `admin.php` file to minimize the risk of exploitation. Avoid using the `userid` argument in the affected functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 **Description** A critical issue affects the processing of the file view employee.php, where the manipulation of the `id` argument leads to sql injection. The attack can be initiated remotely. **Recommendations** For SourceCodester Employee and Visitor Gate Pass Logging System version 1.0, consider restricting access to the view employee.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation.