Samwbs

**Name of the Vulnerable Software and Affected Versions** Best Free Law Office Management Software version 1.0 **Description** The issue allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the "kortex lite/control/register case.php" interface. This enables remote access to sensitive case data. **Recommendations** For Best Free Law Office Management Software version 1.0, patch immediately and review logs for signs of compromise. As a temporary workaround, consider restricting access to the "kortex lite/control/register case.php" interface until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A vulnerability was found in the SourceCodester Kortex Lite Advocate Office Management System, affecting an unknown part of the file `register case.php`. The manipulation of the arguments `title`, `description`, and `opposite lawyer` leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the manipulation of the `title`, `description`, and `opposite lawyer` arguments in the `register case.php` file until a patch is available. Restrict access to the `register case.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A problematic issue has been found in the system, affecting an unknown function of the file addcase stage.php. The manipulation of the `cname` argument leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider disabling the `cname` argument in the affected file addcase stage.php as a temporary workaround until a patch is available. Restrict access to the addcase stage.php file to minimize the risk of exploitation. Avoid using the `cname` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A problematic issue was found in the file add act.php, where the manipulation of the `aname` argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider disabling the `add act.php` file or restricting access to it until a patch is available. Avoid using the `aname` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A problematic issue has been found in the file adds.php, where the manipulation of the argument `name`, `dob`, `email`, `mobile`, or `address` leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider disabling the functionality of the file adds.php until a patch is available. Restrict access to the arguments `name`, `dob`, `email`, `mobile`, and `address` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A critical issue has been discovered, affecting an unknown functionality of the file activate act.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider restricting access to the activate act.php file until a fix is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A critical issue has been discovered, affecting the file delete client.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider restricting access to the delete client.php file until a fix is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A critical issue was found in the system, affecting the delete act.php file. The manipulation of the `id` argument leads to SQL injection. This issue can be initiated remotely. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider restricting access to the delete act.php file until a fix is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A critical issue has been found in the processing of the file delete register.php, where the manipulation of the `case register id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider restricting access to the delete register.php file until a patch is available. As a temporary workaround, avoid using the `case register id` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Kortex Lite Advocate Office Management System version 1.0 **Description** A critical issue was found in the system, affecting an unknown function of the file deactivate act.php. The manipulation of the `id` argument leads to SQL injection. It is possible to launch the attack remotely. **Recommendations** For SourceCodester Kortex Lite Advocate Office Management System version 1.0, consider restricting access to the deactivate act.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.