Unknow123

Name of the Vulnerable Software and Affected Versions: Sourcecodester Cab Management System version 1.0 Description: A SQL injection issue in manage client.php and view cab.php allows remote attackers to execute arbitrary SQL commands via the `id` parameter, leading to unauthorized access and potential compromise of sensitive data within the database. Recommendations: For Sourcecodester Cab Management System version 1.0, consider validating and sanitizing the `id` parameter in manage client.php and view cab.php to prevent SQL injection attacks. As a temporary workaround, restrict access to these scripts until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Sourcecodester Cab Management System version 1.0 Description: A Cross-site Scripting (XSS) issue in manage account.php allows remote authenticated users to inject arbitrary web scripts via the `First Name`, `Middle Name`, and `Last Name` fields. Recommendations: For Sourcecodester Cab Management System version 1.0, consider validating and sanitizing user input for the `First Name`, `Middle Name`, and `Last Name` fields to prevent arbitrary web script injection. As a temporary workaround, restrict access to the manage account.php file until a patch is available.