Sgwt

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Enrollment System version 1.0 **Description** A security issue exists in itsourcecode Online Enrollment System. The manipulation of the `deptid` argument in the file '/sms/grades/index.php?view=edit&id=1' leads to SQL injection. The attack can be carried out remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Exam Form Submission version 1.0 **Description** A cross-site scripting issue exists in code-projects Exam Form Submission version 1.0. The issue is located in the file `/admin/update s1.php`. Manipulation of the `sname` argument can trigger the issue. The attack can be initiated remotely. The exploit is publicly available. **Recommendations** Apply any available updates to address the issue in the `/admin/update s1.php` file. As a temporary workaround, sanitize the `sname` argument to prevent cross-site scripting. Restrict access to the `/admin/update s1.php` file to authorized personnel only.