Luowenwei

**Name of the Vulnerable Software and Affected Versions** Projectworlds Online Examination System version 1.0 **Description** The issue is related to SQL Injection via the `subject` parameter in `feed.php`. This allows for potential exploitation. **Recommendations** For Projectworlds Online Examination System version 1.0, consider disabling access to the `feed.php` file or restricting the use of the `subject` parameter until a patch is available. Avoid using the `subject` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Itsourcecode Learning Management System Project In PHP With Source Code version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `LessonID` parameter in the processscore.php file. **Recommendations** For Itsourcecode Learning Management System Project In PHP With Source Code version 1.0, consider restricting access to the processscore.php file until a patch is available, and avoid using the `LessonID` parameter in this file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Itsourcecode Payroll Management System version 1.0 **Description** The issue is related to SQL Injection in the payroll items.php file via the `ID` parameter. This allows for potential exploitation. **Recommendations** For Itsourcecode Payroll Management System version 1.0, consider restricting access to the payroll items.php file or the `ID` parameter to minimize the risk of exploitation until a fix is available.