Xiao Huangxin

**Name of the Vulnerable Software and Affected Versions** Simple Library Management System Project Using PHP/MySQL version 1.0 **Description** The issue is related to an arbitrary file upload vulnerability. This vulnerability is present in the `ajax.php` component. **Recommendations** For version 1.0, consider restricting access to the `ajax.php` component to prevent exploitation of the arbitrary file upload vulnerability until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Sourcecodester Stock Management System version 1.0 **Description** The issue is related to SQL Injection, which can be exploited via the editCategories.php file. This allows for potential unauthorized access to database information. **Recommendations** For Sourcecodester Stock Management System version 1.0, consider disabling access to the editCategories.php file until a patch is available to prevent SQL Injection attacks. Restrict input validation in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.