Moss_Mo

Name of the Vulnerable Software and Affected Versions: code-projects/Fabian Ros Library Management System version 2.0 Description: A critical issue was found in the file admin/profile update.php, affecting an unknown functionality. The manipulation of the `photo` argument leads to unrestricted upload. This issue can be exploited remotely. Recommendations: For code-projects/Fabian Ros Library Management System version 2.0, consider restricting access to the admin/profile update.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `photo` argument in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** krishna9772 Pharmacy Management System (affected versions not specified) **Description:** A critical vulnerability exists in krishna9772 Pharmacy Management System. The vulnerability is due to a SQL injection flaw within the `quantity upd.php` file. Manipulation of the `med name`, `med cat`, and `ex date` arguments can trigger the injection. This issue is remotely exploitable. The exploit has been publicly disclosed. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.