Lohith19

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Food Ordering System version 2.0 **Description** A critical issue has been found in the Login Page component of the affected software. The issue is related to the manipulation of the `Username` argument in the "/fos/admin/ajax.php?action=login" API endpoint, which leads to SQL injection. This can be exploited remotely. **Recommendations** For SourceCodester Online Food Ordering System version 2.0, consider disabling the login functionality temporarily until a patch is available. Restrict access to the "/fos/admin/ajax.php?action=login" API endpoint to minimize the risk of exploitation. Avoid using the `Username` argument in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Sanitization Management System version 1.0 **Description** A problematic vulnerability has been found in the User Creation Handler component. The manipulation of the `First Name/Middle Name/Last Name` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For version 1.0, consider disabling the User Creation Handler component until a patch is available. Restrict the manipulation of the `First Name/Middle Name/Last Name` argument to minimize the risk of cross-site scripting exploitation.