Wyl091256

Name of the Vulnerable Software and Affected Versions: Campcodes Online Recruitment Management System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file "/admin/ajax.php?action=save vacancy". The manipulation of the `ID` argument leads to SQL injection. The attack can be initiated remotely. Recommendations: For Campcodes Online Recruitment Management System version 1.0, consider restricting access to the "/admin/ajax.php?action=save vacancy" endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the `ID` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Campcodes Online Recruitment Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/view vacancy.php. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. Recommendations: For Campcodes Online Recruitment Management System version 1.0, consider restricting access to the /admin/view vacancy.php file until a patch is available. As a temporary workaround, avoid using the `ID` argument in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue has been found in the system, affecting the /ajax.php?action=calculate payroll file. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. Recommendations: For Campcodes Payroll Management System version 1.0, as a temporary workaround, consider restricting access to the `/ajax.php?action=calculate payroll` endpoint and avoid using the `ID` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue affects the processing of the file "/ajax.php?action=delete employee attendance single". The manipulation of the `ID` argument leads to SQL injection. The attack may be initiated remotely. Recommendations: For Campcodes Payroll Management System version 1.0, consider restricting access to the "/ajax.php?action=delete employee attendance single" endpoint until a patch is available. As a temporary workaround, avoid using the `ID` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file "/ajax.php?action=delete payroll". The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. Recommendations: For Campcodes Payroll Management System version 1.0, as a temporary workaround, consider restricting access to the "/ajax.php?action=delete payroll" endpoint to minimize the risk of exploitation. Avoid using the `ID` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown functionality of the file /ajax.php?action=save employee attendance. The manipulation of the `employee id` argument leads to SQL injection. This issue can be exploited remotely. Recommendations: For Campcodes Payroll Management System version 1.0, as a temporary workaround, consider restricting access to the /ajax.php?action=save employee attendance endpoint to minimize the risk of exploitation. Avoid using the `employee id` argument in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Campcodes Payroll Management System version 1.0 Description: A critical issue affects some unknown functionality of the file "/ajax.php?action=save payroll". The manipulation of the `ID` argument leads to SQL injection. The attack can be launched remotely. Recommendations: For Campcodes Payroll Management System version 1.0, as a temporary workaround, consider restricting access to the "/ajax.php?action=save payroll" endpoint until a patch is available. Avoid using the `ID` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Campcodes Online Recruitment Management System version 1.0 **Description:** A critical vulnerability exists in Campcodes Online Recruitment Management System. The vulnerability is due to a SQL injection flaw within the unknown code of the file `/admin/ajax.php?action=delete application`. Manipulation of the `ID` argument can lead to successful exploitation. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations:** Campcodes Online Recruitment Management System version 1.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Food Ordering System version 1.0 **Description** A critical issue has been discovered, affecting an unknown part of the file /view-ticket-admin.php. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Food Ordering System version 1.0, consider restricting access to the /view-ticket-admin.php file until a patch is available. As a temporary workaround, avoid using the `ID` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Food Ordering System version 1.0 **Description** A critical vulnerability has been found in the Campcodes Online Food Ordering System. This issue affects the processing of the file /routers/ticket-message.php, where the manipulation of the `ticket id` argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the /routers/ticket-message.php file until a patch is available. Restrict access to the `ticket id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Food Ordering System version 1.0 **Description** A critical issue was found in the system, affecting the file /routers/ticket-status.php. The manipulation of the `ticket id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Food Ordering System version 1.0, consider restricting access to the /routers/ticket-status.php file until a patch is available. As a temporary workaround, avoid using the `ticket id` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Gym Management System version 1.0 **Description** A critical issue has been found in the itsourcecode Gym Management System, affecting some unknown functionality of the file /view pdetails.php. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For itsourcecode Gym Management System version 1.0, consider restricting access to the /view pdetails.php file until a patch is available. As a temporary workaround, avoid using the `ID` parameter in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Gym Management System version 1.0 **Description** A critical issue was found in the Gym Management System, affecting the "/ajax.php?action=delete user" endpoint. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Gym Management System version 1.0, consider disabling the `delete user` function in the "/ajax.php?action=delete user" endpoint until a patch is available. Restrict access to the `/ajax.php` file to minimize the risk of exploitation. Avoid using the `ID` argument in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Gym Management System version 1.0 **Description** A critical issue has been found in the itsourcecode Gym Management System, affecting the file `/ajax.php?action=delete trainer`. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For itsourcecode Gym Management System version 1.0, consider disabling the delete trainer functionality in the `/ajax.php?action=delete trainer` endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using the `ID` argument in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Gym Management System version 1.0 **Description** A critical issue affects the processing of the file "/ajax.php?action=delete plan". The manipulation of the `ID` argument leads to SQL injection. The attack may be initiated remotely. **Recommendations** For itsourcecode Gym Management System version 1.0, consider restricting access to the "/ajax.php?action=delete plan" endpoint until a patch is available. As a temporary workaround, avoid using the `ID` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Gym Management System version 1.0 **Description** A critical issue has been found in the itsourcecode Gym Management System. The problem is related to an unknown function of the file /ajax.php?action=delete member, where the manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For itsourcecode Gym Management System version 1.0, consider restricting access to the /ajax.php?action=delete member endpoint until a fix is available. As a temporary workaround, avoid using the `ID` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gym Management System version 1.0 **Description** A critical issue has been identified in the Gym Management System, affecting an unknown functionality of the file /ajax.php?action=delete package. The manipulation of the `ID` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Gym Management System version 1.0, as a temporary workaround, consider restricting access to the /ajax.php endpoint, specifically the `delete package` action, to minimize the risk of exploitation. Avoid using the `ID` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Food Ordering System version 1.0 **Description** A critical issue affects some unknown functionality of the file /routers/user-router.php, where the manipulation of the `t1 verified` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Food Ordering System version 1.0, as a temporary workaround, consider restricting access to the /routers/user-router.php file or disabling the functionality that uses the `t1 verified` argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul COVID19 Testing Management System version 1.0 **Description** A critical vulnerability was found in the PHPGurukul COVID19 Testing Management System. This issue affects unknown code in the file /password-recovery.php. The manipulation of the `contactno` argument leads to SQL injection. The attack can be initiated remotely. Other parameters might also be affected. **Recommendations** For PHPGurukul COVID19 Testing Management System version 1.0, consider disabling the /password-recovery.php file or restricting access to it until a patch is available. Avoid using the `contactno` argument in the affected API endpoint until the issue is resolved. As a temporary workaround, restrict access to the vulnerable file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul COVID19 Testing Management System version 1.0 **Description** A critical issue affects some unknown processing of the file "/patient-report.php". The manipulation of the argument `searchdata` leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `/patient-report.php` file until a patch is available. Restrict access to this file to minimize the risk of exploitation. Avoid using the `searchdata` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.