Shiqumeng

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Online Course Registration version 3.1 **Description** A vulnerability exists in PHPGurukul Online Course Registration version 3.1. The vulnerability is due to SQL injection in the `/admin/student-registration.php` file. Manipulation of the `studentname` argument can lead to a successful attack remotely. The exploit is publicly available. **Recommendations** As a temporary workaround, sanitize the `studentname` input to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Boat Booking System version 1.0 **Description** A critical issue exists in PHPGurukul Boat Booking System 1.0, specifically within the `/admin/add-boat.php` file. The `boatname` argument is susceptible to SQL injection, allowing for remote exploitation. The exploit details have been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/admin/add-boat.php` file until a patch is available. Sanitize the `boatname` input to prevent SQL injection attacks.