S1Incere

**Name of the Vulnerable Software and Affected Versions** H3C Magic B1 versions prior to 100R004 **Description** A buffer overflow can be triggered remotely through the manipulation of the `param` argument in the `SetAPWifiorLedInfoById()` function located in the '/goform/aspForm' file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions itsourcecode Payroll Management System version 1.0 Description A security flaw has been discovered in itsourcecode Payroll Management System 1.0. The vulnerability affects an unknown functionality of the file `/manage user.php` within the Parameter Handler component. Manipulation of the `ID` argument results in SQL injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions itsourcecode Payroll Management System version 1.0 Description A weakness exists in itsourcecode Payroll Management System 1.0. The issue affects some unknown functionality of the file `/view employee.php` within the Parameter Handler component. Manipulation of the `ID` argument can lead to SQL injection, and the attack can be performed remotely. The exploit has been made publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability.