Nochizplz

**Name of the Vulnerable Software and Affected Versions** SourceCodester File Manager App version 1.0 **Description** A critical issue has been found in the SourceCodester File Manager App, affecting the /endpoint/update-file.php file. The manipulation of the `file` argument leads to unrestricted upload. This issue can be exploited remotely. **Recommendations** For SourceCodester File Manager App version 1.0, consider disabling the /endpoint/update-file.php endpoint until a patch is available to prevent unrestricted file uploads. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using the `file` argument in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical issue affects the processing of the file /task-details.php, leading to execution after redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider restricting access to the /task-details.php file until a patch is available. As a temporary workaround, disabling the execution after redirect functionality may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability was found in the SourceCodester Employee Task Management System. This issue affects unknown code of the file /manage-admin.php, leading to execution after redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider restricting access to the /manage-admin.php file until a patch is available. As a temporary workaround, disabling the execution after redirect functionality may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability was found in the SourceCodester Employee Task Management System. This issue affects an unknown part of the file /update-admin.php. The manipulation of the `admin id` argument leads to authorization bypass. It is possible to initiate the attack remotely. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider disabling access to the /update-admin.php file until a patch is available. As a temporary workaround, restrict the manipulation of the `admin id` argument to prevent authorization bypass. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability was found in the SourceCodester Employee Task Management System, affecting some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect, and the attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider disabling access to the /admin-manage-user.php file until a patch is available. Restricting remote access to this file may also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability was found in the SourceCodester Employee Task Management System, affecting an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect and can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider disabling access to the /edit-task.php file until a patch is available. As a temporary workaround, restrict the use of the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical issue has been found in the system, affecting some unknown functionality of the file /task-details.php. The manipulation of the `task id` argument leads to authorization bypass. This issue can be exploited remotely. **Recommendations** For version 1.0, consider disabling access to the /task-details.php file until a patch is available. As a temporary workaround, restrict the manipulation of the `task id` argument to prevent authorization bypass.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability was found in the SourceCodester Employee Task Management System, affecting an unknown functionality of the file /edit-task.php. The manipulation of the `task id` argument leads to authorization bypass. The attack can be launched remotely. **Recommendations** For version 1.0, consider disabling the functionality related to the /edit-task.php file until a patch is available. Restrict access to the `task id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability has been found in the SourceCodester Employee Task Management System. This issue affects the file /update-employee.php and is related to the manipulation of the `admin id` argument, leading to authorization bypass. The attack can be initiated remotely. **Recommendations** For SourceCodester Employee Task Management System version 1.0, consider disabling access to the /update-employee.php file until a patch is available. As a temporary workaround, restrict the manipulation of the `admin id` argument to prevent authorization bypass. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Employee Task Management System version 1.0 **Description** A critical vulnerability has been found in the SourceCodester Employee Task Management System. The issue affects an unknown function of the file /task-info.php, leading to execution after redirect. This can be exploited remotely. **Recommendations** For version 1.0, consider restricting access to the /task-info.php file until a patch is available. As a temporary workaround, review the code of the unknown function in /task-info.php to identify potential entry points for the exploit and apply necessary security fixes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A problematic issue was found in the system, affecting an unknown function of the file navbar.php. The manipulation of the `id` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the `id` argument in the affected function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A problematic issue has been found in the system, affecting some unknown functionality of the file home.php. The manipulation of the `id` argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the `home.php` file or disabling the manipulation of the `id` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue has been found in the file book history.php, where the manipulation of the `del id` argument leads to sql injection. The attack can be initiated remotely. The issue has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, consider disabling the `book history.php` file or restricting access to it until a patch is available. As a temporary workaround, avoid using the `del id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A vulnerability was found in the processing of the file book history.php, where the manipulation of the `id` argument leads to cross-site scripting. The attack may be initiated remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, consider disabling the `id` argument in the book history.php file as a temporary workaround until a patch is available. Restrict access to the book history.php file to minimize the risk of exploitation. Avoid using the `id` argument in the affected processing until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue was found in the system, affecting an unknown part of the file home.php. The manipulation of the `id` argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the home.php file or disabling the manipulation of the `id` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue was found in the system, affecting an unknown functionality of the file /admin/bookdate.php. The manipulation of the `room id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the /admin/bookdate.php file and avoid using the `room id` argument in this context until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical vulnerability was found in the system, affecting an unknown functionality of the file /admin/update-users.php. The manipulation of the `id` argument leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the /admin/update-users.php file until a patch is available. Avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue affects the unknown code of the file /admin/rooms.php, leading to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider disabling access to the /admin/rooms.php file until a patch is available. Restrict access to this file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue was found in the system, affecting some unknown functionality of the file /admin/rooms.php. The manipulation of the `room id` argument leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider restricting access to the /admin/rooms.php file until a patch is available. Additionally, avoid using the `room id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 **Description** A critical issue was found in the system, affecting an unknown part of the file /admin/update-rooms.php. The manipulation of the `room id` argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0, as a temporary workaround, consider disabling the `room id` argument in the /admin/update-rooms.php file until a patch is available. Restrict access to the /admin/update-rooms.php file to minimize the risk of exploitation. Avoid using the `room id` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.