Yueyue

**Name of the Vulnerable Software and Affected Versions** itsourcecode School Management System version 1.0 **Description** A security flaw exists in itsourcecode School Management System 1.0. The issue involves SQL injection stemming from the manipulation of the `ID` argument within an unknown function of the file '/ramonsys/user/controller.php'. This attack can be launched remotely. The exploit has been publicly released. **Recommendations** Apply a fix to address the SQL injection issue in the file '/ramonsys/user/controller.php', specifically related to the `ID` argument.

**Name of the Vulnerable Software and Affected Versions** Campcodes Retro Basketball Shoes Online Store version 1.0 **Description** A weakness exists in Campcodes Retro Basketball Shoes Online Store 1.0 that allows for unrestricted file upload. The issue is located in an unknown function within the `/admin/admin running.php` file. Manipulation of the `product image` argument enables remote execution of the attack. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.