Rajeshwar Singh

**Name of the Vulnerable Software and Affected Versions** Medicine Tracker System in PHP version 1.0.0 **Description** The issue concerns a SQL Injection vulnerability. **Recommendations** For Medicine Tracker System in PHP version 1.0.0, update to a version that fixes the SQL Injection issue, however at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Medicine Tracker System in PHP version 1.0.0 **Description** The issue is related to Cross Site Scripting (XSS), which is a type of security vulnerability that can be exploited by attackers to inject malicious scripts into a website. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Medicine Tracker System in PHP version 1.0.0, update to a version that includes a fix for the Cross Site Scripting (XSS) issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sourcecodester Medicine Tracker System in PHP version 1.0.0 **Description** The issue is related to Cross Site Scripting (XSS) and can be exploited via the `page` parameter, specifically when set to `about`. This allows for malicious scripts to be injected into the webpage. **Recommendations** For Sourcecodester Medicine Tracker System in PHP version 1.0.0, consider validating and sanitizing user input for the `page` parameter to prevent XSS attacks. As a temporary workaround, restrict access to the `about` page until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Sourcecodester.com Online Graduate Tracer System version 1.0.0 **Description** The issue is related to Cross Site Scripting (XSS), which is a type of security vulnerability that can allow an attacker to inject malicious scripts into a website. **Recommendations** For version 1.0.0, update to a newer version that addresses the Cross Site Scripting (XSS) issue, however at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Online Graduate Tracer System version 1.0.0 **Description** A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `name` parameter. **Recommendations** For Online Graduate Tracer System version 1.0.0, avoid using the `name` parameter until the issue is resolved. As a temporary workaround, consider validating and sanitizing all user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Doctor Appointment Management System version 1.0.0 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Search` function. **Recommendations** For Doctor Appointment Management System version 1.0.0, consider disabling the `Search` function until a patch is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** phpgurukul Doctor Appointment Management System version 1.0.0 **Description** The issue concerns a Cross Site Scripting (XSS) vulnerability. It can be exploited via the `searchdata` variable. **Recommendations** For phpgurukul Doctor Appointment Management System version 1.0.0, consider validating and sanitizing user input for the `searchdata` variable to prevent XSS attacks. As a temporary workaround, restrict access to the search functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Book Store Management System version 1.0.0 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Name` parameter under the Add New System User module. **Recommendations** For Book Store Management System version 1.0.0, consider restricting access to the Add New System User module until a patch is available, and avoid using the `Name` parameter in this module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Sanitization Management System version 1.0.0 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `username` parameter at the "/php-sms/classes/Login.php" API endpoint. **Recommendations** For Sanitization Management System version 1.0.0, consider disabling the `username` parameter in the "/php-sms/classes/Login.php" API endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Human Resource Management System version 1.0.0 **Description** The Human Resource Management System contains a cross-site scripting (XSS) vulnerability. This issue is triggered via a crafted payload injected into an authentication error message. **Recommendations** For Human Resource Management System version 1.0.0, consider disabling authentication error messages until a patch is available to prevent potential exploitation of the XSS vulnerability. Restrict access to authentication endpoints to minimize the risk of exploitation. Avoid using crafted payloads in authentication processes until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.