Samlo

**Name of the Vulnerable Software and Affected Versions** code-projects College Management System version 1.0 **Description** A critical issue was found in the College Management System, affecting the /Admin/student.php file. The manipulation of the `profile image` argument leads to unrestricted upload. This issue can be exploited remotely. **Recommendations** For version 1.0, consider disabling the file upload functionality related to the `profile image` argument in the /Admin/student.php file until a patch is available. Restrict access to the /Admin/student.php file to minimize the risk of exploitation. Avoid using the `profile image` argument in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects Payroll Management System version 1.0 **Description** A critical issue was found in the Payroll Management System. The problem affects an unknown functionality of the file update employee.php. The manipulation of the `emp type` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For code-projects Payroll Management System version 1.0, consider restricting access to the update employee.php file until a patch is available. As a temporary workaround, avoid using the `emp type` argument in the affected functionality to minimize the risk of exploitation.