Lizis3C

**Name of the Vulnerable Software and Affected Versions** itsourcecode E-Logbook with Health Monitoring System for COVID-19 version 1.0 **Description** A cross-site scripting issue exists due to manipulation of the `profile id` argument in the `/print reports prev.php` file. This allows for remote attacks. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/print reports prev.php` file until a patch is available. Sanitize the `profile id` argument to prevent the injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** itsourcecode E-Commerce Website version 1.0 **Description** A vulnerability exists in itsourcecode E-Commerce Website 1.0, impacting an unknown function within the `/admin/products.php` file. This allows for unrestricted file upload, and the attack can be initiated remotely. The exploit is publicly available. **Recommendations** Address the unrestricted upload issue in the `/admin/products.php` file.

**Name of the Vulnerable Software and Affected Versions** itsourcecode E-Commerce Website version 1.0 **Description** A security flaw has been discovered that allows for unrestricted upload. The issue affects an unknown function within the `/admin/users.php` file and can be exploited remotely. The exploit has been released publicly. **Recommendations** As a temporary workaround, consider restricting access to the `/admin/users.php` file to minimize the risk of exploitation.