Yylm

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue was found in the system, affecting the file updateQuestion.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the updateQuestion.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue has been found in the processing of the file ranking-exam.php, where the manipulation of the `exam id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the ranking-exam.php file until a patch is available. As a temporary workaround, avoid using the `exam id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue was found in the system, affecting some unknown functionality of the file submitAnswerExe.php. The manipulation of the `exmne id` argument leads to sql injection. The attack can be launched remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the submitAnswerExe.php file until a patch is available. As a temporary workaround, avoid using the `exmne id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue has been found in the system, affecting the file addExamExe.php. The manipulation of the `examTitle` argument leads to SQL injection. It is possible to initiate the attack remotely. The issue has been publicly disclosed and may be exploited. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the `addExamExe.php` file until a patch is available. As a temporary workaround, avoid using the `examTitle` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue was found in the system, affecting the file exam.php. The manipulation of the `id` argument leads to SQL injection. The attack can be initiated remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the exam.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue has been found in the system, affecting an unknown functionality of the file selExamAttemptExe.php. The manipulation of the `thisId` argument leads to sql injection. The attack can be launched remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the selExamAttemptExe.php file until a patch is available. As a temporary workaround, avoid using the `thisId` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue was found in the system, affecting an unknown function of the file result.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the result.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Examination System version 1.0 **Description** A critical issue has been discovered, affecting the /adminpanel/admin/query/addCourseExe.php file. The `course name` argument is vulnerable to sql injection, which can be exploited remotely. The issue has been publicly disclosed and may be exploited. **Recommendations** For Campcodes Online Examination System version 1.0, consider restricting access to the /adminpanel/admin/query/addCourseExe.php file until a patch is available. As a temporary workaround, avoid using the `course name` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A problematic issue was found in the system, affecting the processing of the file "/index.php". The manipulation of the `page` argument leads to file inclusion. This issue can be exploited remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the "/index.php" file until a patch is available. As a temporary workaround, avoid using the `page` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A problematic issue was found in the system, affecting an unknown function of the file admin class.php. The manipulation of the `type` argument with the input `1` leads to improper authorization. This issue can be exploited remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the admin class.php file until a patch is available. As a temporary workaround, avoid using the argument `type` with the input `1` in the affected function. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue has been found in the HTTP Request Parameter Handler component of the system, specifically affecting the manage user.php file. The manipulation of the `id` argument leads to improper control of resource identifiers, allowing for remote attacks. The issue has been publicly disclosed and may be exploited. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider disabling the `id` parameter in the manage user.php file as a temporary workaround until a patch is available. Restrict access to the manage user.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A problem was found in the system, affecting the /ajax.php file. The issue is related to the manipulation of the `customer name`/`username` argument, leading to cross-site scripting. This can be initiated remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider disabling the /ajax.php file or restricting access to it until a fix is available. Avoid using the `customer name` or `username` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue was found in the system, affecting some unknown functionality of the file /manage user.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the /manage user.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue has been found, affecting an unknown part of the file /manage inv.php. The manipulation of the `id` argument leads to SQL injection. It is possible to initiate the attack remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the /manage inv.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue has been found in the processing of the file /admin class.php. The manipulation of the argument `id/delete category/delete inv/delete laundry/delete supply/delete user/login/save inv/save user` leads to sql injection. The attack may be initiated remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the /admin class.php file until a patch is available. As a temporary workaround, avoid using the arguments `id/delete category/delete inv/delete laundry/delete supply/delete user/login/save inv/save user` in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue was found in the system, affecting an unknown function of the file /manage laundry.php. The manipulation of the `id` argument leads to SQL injection. It is possible to launch the attack remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, consider restricting access to the /manage laundry.php file until a patch is available. As a temporary workaround, avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Laundry Management System version 1.0 **Description** A critical issue has been discovered, affecting an unknown functionality of the file /manage receiving.php. The manipulation of the `id` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For Campcodes Online Laundry Management System version 1.0, as a temporary workaround, consider restricting access to the /manage receiving.php file until a patch is available. Avoid using the `id` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Campcodes Legal Case Management System version 1.0 **Description** A vulnerability was found in the system, classified as problematic, affecting an unknown part of the file /admin/vendor. The manipulation of the argument `company name/mobile` leads to cross-site scripting. It is possible to initiate the attack remotely. **Recommendations** For Campcodes Legal Case Management System version 1.0, as a temporary workaround, consider restricting access to the `/admin/vendor` file and avoid using the `company name/mobile` argument in affected API endpoints until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Legal Case Management System version 1.0 **Description** A problematic issue has been found in the system, affecting the processing of the file /admin/case-status. The manipulation of the `case status` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For Campcodes Legal Case Management System version 1.0, consider restricting access to the /admin/case-status file until a fix is available. As a temporary workaround, avoid using the `case status` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Campcodes Legal Case Management System version 1.0 **Description** A problematic issue was found in the system, affecting an unknown function of the file /admin/case-type. The manipulation of the `case type name` argument leads to cross-site scripting. It is possible to launch the attack remotely. **Recommendations** For Campcodes Legal Case Management System version 1.0, as a temporary workaround, consider restricting access to the /admin/case-type file until a patch is available. Avoid using the `case type name` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.