Notfd404

**Name of the Vulnerable Software and Affected Versions** itsourcecode Event Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode Event Management System version 1.0. The issue is located in the `/admin/manage booking.php` file, within an unknown function. Manipulation of the `ID` parameter can lead to SQL injection. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Event Management System version 1.0 **Description** A flaw exists in itsourcecode Event Management System version 1.0 related to SQL injection. The issue is located in the Admin Login functionality, specifically within the `/admin/ajax.php?action=login` file. Manipulation of the `Username` parameter can trigger the SQL injection. The attack can be initiated remotely. An exploit for this issue has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Event Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode Event Management System version 1.0. The issue is located in the `/admin/manage register.php` file. Manipulation of the `ID` argument can lead to SQL injection, allowing for remote attacks. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode School Management System version 1.0 **Description** A flaw exists in itsourcecode School Management System that allows for SQL injection. The issue is located in an unknown part of the file `/ramonsys/settings/controller.php`. Manipulation of the `ID` argument can trigger the SQL injection. The attack can be initiated remotely. An exploit for this issue has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.