P1K1

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Loan Management System version 1.0 **Description** A flaw exists in itsourcecode Online Loan Management System that allows for SQL injection. Manipulation of the `ID` argument in the `/manage payment.php` file can lead to remote code execution. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Loan Management System version 1.0 **Description** A security flaw exists in itsourcecode Online Loan Management System. Manipulation of the `ID` argument in an unknown function within the `/manage user.php` file can lead to SQL injection. This attack can be carried out remotely. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Loan Management System version 1.0 **Description** A flaw exists in itsourcecode Online Loan Management System that allows for SQL injection. This issue affects an unspecified part of the `/load fields.php` file. The `loan id` argument can be manipulated to exploit this flaw, potentially allowing for remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Loan Management System version 1.0 **Description** A flaw exists in itsourcecode Online Loan Management System that allows for SQL injection. The issue is located in the `/manage loan.php` file, where manipulation of the `ID` argument can lead to exploitation. The attack can be carried out remotely. The exploit is publicly available. **Recommendations** Apply a fix for itsourcecode Online Loan Management System version 1.0.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Loan Management System version 1.0 **Description** A flaw exists in the processing of the `/manage borrower.php` file within itsourcecode Online Loan Management System. Manipulation of the `ID` argument can lead to a SQL injection. Remote exploitation is possible. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.