Xqer

Name of the Vulnerable Software and Affected Versions code-projects Simple IT Discussion Forum version 1.0 Description A flaw exists in code-projects Simple IT Discussion Forum version 1.0 that allows for SQL injection via manipulation of the `Category` argument in the `/add-category-function.php` file. This can be exploited remotely. The exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/add-category-function.php` file.

Name of the Vulnerable Software and Affected Versions Simple Laundry System version 1.0 Description A flaw exists in Simple Laundry System 1.0, specifically within the /checkcheckout.php file. Manipulation of the `serviceId` argument can lead to cross site scripting, potentially allowing for remote attacks. The exploit has been publicly disclosed. Recommendations Address the manipulation of the `serviceId` argument in the /checkcheckout.php file.