Xkalami-Tta0

**Name of the Vulnerable Software and Affected Versions** Intern Membership Management System version 1.0 **Description** A SQL injection issue exists in the Intern Membership Management System. The issue is located in the `/admin/delete activity.php` file, within an unknown function. Manipulating the `activity id` argument can lead to SQL injection, and the attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** Apply a fix to address the manipulation of the `activity id` argument in the `/admin/delete activity.php` file.

**Name of the Vulnerable Software and Affected Versions** RainyGao DocSys versions through 2.02.36 **Description** A flaw exists in RainyGao DocSys that allows for remote manipulation leading to SQL injection. The issue is related to the `getUserList` function within the `/Manage/getUserList.do` file. The exploit has been publicly disclosed. **Recommendations** Update RainyGao DocSys to a version beyond 2.02.36.