Yanjun Li

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Apartment Visitor Management System version 1.0 **Description** A security issue exists in Campcodes Online Apartment Visitor Management System 1.0 related to the processing of the `/index.php` file. Manipulation of the `Username` argument can lead to SQL injection, allowing for remote attacks. The details of the exploit have been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Apartment Visitor Management System version 1.0 **Description** A flaw exists in Campcodes Online Apartment Visitor Management System 1.0 that could allow for sql injection. The issue is located in the file `/search-visitor.php` and involves the `searchdata` argument. This manipulation may be initiated remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Apartment Visitor Management System version 1.0 **Description** A security flaw exists in Campcodes Online Apartment Visitor Management System version 1.0. The issue involves a SQL injection impacting an unknown function within the `/bwdates-reports-details.php` file. The `fromdate/todate` argument can be manipulated to trigger the injection. This attack can be launched remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Course Registration version 1.0 **Description** A flaw exists in code-projects Online Course Registration 1.0 that allows for SQL injection. The issue is located in the file `/admin/manage-students.php` and involves manipulation of the `ID` argument. This manipulation occurs within an unknown function. The attack can be initiated remotely and an exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.