Seeu1

**Name of the Vulnerable Software and Affected Versions** code-projects Online Event Judging System version 1.0 **Description** A security flaw exists in code-projects Online Event Judging System 1.0. Manipulation of the `fullname` argument in the `/add contestant.php` file can lead to SQL injection. Remote exploitation is possible, and an exploit has been publicly released. **Recommendations** Apply input validation and sanitization to the `fullname` parameter in the `/add contestant.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Event Judging System version 1.0 **Description** A weakness exists in code-projects Online Event Judging System 1.0. The issue affects unknown code within the '/edit contestant.php' file. Manipulation of the `contestant id` argument can lead to SQL injection. The attack can be executed remotely. The exploit has been made publicly available. **Recommendations** Apply a fix for code-projects Online Event Judging System version 1.0 to address the SQL injection issue in the '/edit contestant.php' file. As a temporary workaround, restrict access to the `contestant id` parameter in the '/edit contestant.php' endpoint.

**Name of the Vulnerable Software and Affected Versions** Simple Food Ordering System version 1.0 **Description** A security issue exists in Simple Food Ordering System 1.0 related to the manipulation of the `cname` argument in the `editcategory.php` file, leading to a SQL injection. This allows for remote attacks. The exploit has been publicly disclosed. The vulnerable function is unknown. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.