Redteam_Bd

**Name of the Vulnerable Software and Affected Versions** SourceCodester Student Grades Management System version 1.0 **Description** A flaw exists in the Student Grades Management System that impacts the `delete user` function within the `/admin.php` file. Manipulation of this function can lead to cross site scripting, potentially allowing for remote attacks. The exploit for this issue has been published. **Recommendations** As a temporary workaround, consider restricting access to the `/admin.php` file to minimize the risk of exploitation. Disable the `delete user` function until a fix is available.

**Name of the Vulnerable Software and Affected Versions** varunsardana004 Blood-Bank-And-Donation-Management-System versions prior to dc9e0393d826fbc85fad9755b5bc12cba1919df2 **Description** A flaw exists in the Blood-Bank-And-Donation-Management-System that allows for sql injection. The issue is located in the `/donate blood.php` file, specifically through manipulation of the `fullname` argument. This can be exploited remotely. The exploit has been published. **Recommendations** Apply updates to versions prior to dc9e0393d826fbc85fad9755b5bc12cba1919df2. As a temporary workaround, restrict or carefully validate the `fullname` parameter in the `/donate blood.php` file.