Mqn123

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical vulnerability has been found in the code-projects Pharmacy Management System. This issue affects the file `/index.php?action=editSalesman` and is related to the manipulation of the `id` argument, which leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Recommendations: As a temporary workaround, consider restricting access to the `/index.php?action=editSalesman` endpoint until a patch is available. Avoid using the `id` argument in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical issue affects the processing of the file "/index.php?action=editPharmacist". The manipulation of the `id` argument leads to SQL injection. The attack may be initiated remotely. Recommendations: For code-projects Pharmacy Management System version 1.0, upgrade to version 1.1 to mitigate risks. As a temporary workaround, consider restricting access to the "/index.php?action=editPharmacist" endpoint until the issue is resolved. Avoid using the `id` argument in the affected endpoint until the issue is resolved.