Maninhuguitar

**Name of the Vulnerable Software and Affected Versions** shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5 **Description** A SQL injection issue exists in the POST Request Handler component of shawon100 RUET OJ. The issue is located in the file `/process.php` and is triggered by manipulating the `un` argument. This allows for remote attacks. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** shawon100 RUET OJ versions up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5 **Description** A flaw exists in shawon100 RUET OJ that allows for SQL injection through manipulation of the `ID` argument when processing the `/description.php` file. This issue can be exploited remotely. The exploit is publicly available. The product employs a rolling release model, making specific version details for fixes unavailable. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** shawon100 RUET OJ versions up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5 **Description** A SQL injection issue exists in shawon100 RUET OJ. Manipulation of the `Name` argument in the `/contestproblem.php` file can lead to SQL injection. The attack can be launched remotely. The product operates on a rolling release basis, meaning there are no specific version details for affected or updated releases. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** shawon100 RUET OJ versions up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5 **Description** A security flaw exists in shawon100 RUET OJ. Manipulation of the `ID` argument in the `/details.php` file can lead to SQL injection. Remote exploitation is possible. The exploit has been publicly released. The vendor was contacted but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.