Tnn2026

Name of the Vulnerable Software and Affected Versions code-projects Vehicle Showroom Management System version 1.0 Description A flaw exists in an unknown function within the `/BranchManagement/ProfitAndLossReport.php` file. Manipulation of the `BRANCH ID` argument can lead to cross site scripting, potentially allowing for remote attacks. The exploit has been published. Recommendations As a temporary workaround, consider restricting or validating the `BRANCH ID` argument to prevent manipulation.

Name of the Vulnerable Software and Affected Versions code-projects Vehicle Showroom Management System version 1.0 Description A cross site scripting issue exists due to the manipulation of the `BRANCH ID` argument within an unknown function of the `/BranchManagement/ServiceAndSalesReport.php` file. Remote exploitation is possible, and the exploit has been publicly disclosed. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A flaw exists in Vehicle Showroom Management System 1.0 where manipulation of the `VEHICLE ID` argument within an unknown function in the `/util/VehicleDetailsFunction.php` file leads to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A flaw exists in code-projects Vehicle Showroom Management System 1.0, specifically within the `/util/AddVehicleFunction.php` file. Manipulation of the `BRANCH ID` argument can lead to SQL injection. This issue is remotely exploitable and has been publicly disclosed. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/util/AddVehicleFunction.php` file.

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode College Management System 1.0. The issue is located in the `/admin/add-single-student-results.php` file within the Parameter Handler component. Manipulation of the `course code` parameter can lead to SQL injection. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Laundry System version 1.0 **Description** A SQL injection issue exists in the Parameter Handler component of the software due to the manipulation of the `serviceId` argument. This affects the `/checkcheckout.php` file and can be exploited remotely. The exploit has been publicly released. **Recommendations** Apply any available updates to address the vulnerability in the `/checkcheckout.php` file. As a temporary workaround, restrict or carefully validate the `serviceId` parameter to prevent SQL injection attacks.