Sunhaobin

**Name of the Vulnerable Software and Affected Versions** projectworlds Advanced Library Management System version 1.0 **Description** A weakness exists in projectworlds Advanced Library Management System. The issue affects unknown code within the `/view book.php` file. Manipulation of the `book id` argument can lead to SQL injection, and the attack can be executed remotely. The exploit has been made publicly available. **Recommendations** Apply any available updates or patches for projectworlds Advanced Library Management System version 1.0. As a temporary workaround, consider restricting access to the `/view book.php` file. Sanitize the `book id` parameter to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Admission System version 1.0 **Description** A vulnerability exists in projectworlds Online Admission System version 1.0 related to SQL injection. The issue is located in an unknown functionality of the file `/viewdoc.php`. Manipulation of the `ID` argument can lead to SQL injection, and the attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/viewdoc.php` file until a fix is available. Sanitize the `ID` parameter before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Admission System version 1.0 **Description** A critical issue exists in projectworlds Online Admission System that allows for remote SQL injection. The vulnerability is located in an unknown functionality within the `/adminac.php` file, specifically through manipulation of the `ID` argument. The exploit for this issue has been publicly disclosed. **Recommendations** As a temporary workaround, restrict access to the `/adminac.php` file to minimize the risk of exploitation. Sanitize the `ID` parameter before using it in any database queries.