P0Et08

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Online Shopping Portal version 2.1 **Description** PHPGurukul Online Shopping Portal version 2.1 is susceptible to Cross Site Scripting (XSS) in the `/admin/updateorder.php` endpoint. **Recommendations** As a mitigation, consider implementing appropriate input validation and output encoding mechanisms within the `/admin/updateorder.php` endpoint to prevent the injection and execution of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** Electrolink FM/DAB/TV Transmitter Web Management System versions 01.07, 01.08, and 01.09 Electrolink Display version 1.2 Electrolink Display version 1.4 **Description** The Electrolink FM/DAB/TV Transmitter Web Management System is susceptible to an unauthorized access issue. This issue is located via the `/FrameSetCore.html` endpoint. **Recommendations** Electrolink FM/DAB/TV Transmitter Web Management System version 01.07: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Electrolink FM/DAB/TV Transmitter Web Management System version 01.08: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Electrolink FM/DAB/TV Transmitter Web Management System version 01.09: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Electrolink Display version 1.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Electrolink Display version 1.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.