Ooliveira

**Name of the Vulnerable Software and Affected Versions** itsourcecode Fees Management System version 1.0 **Description** A cross-site scripting issue exists in the `index.php` file. A remote attacker can trigger this by manipulating the `page` argument. Cross-site scripting is a flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** As a temporary workaround, avoid using the `page` argument in the `index.php` file until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Fees Management System version 1.0 **Description** A flaw in the `/manage fee.php` file allows for remote SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. This occurs through the manipulation of the `ID` argument within an unknown function of the specified file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.