Zhengdexu

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Blood Bank Management System version 1.0 **Description** A SQL injection flaw exists in the `/admin/viewrequest.php` file. Remote attackers can exploit this by manipulating the `ID` argument, allowing for unauthorized database queries. **Recommendations** Update itsourcecode Online Blood Bank Management System version 1.0 to a patched version. As a temporary workaround, restrict access to the `/admin/viewrequest.php` file or avoid using the `ID` parameter until a fix is applied.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Blood Bank Management System version 1.0 **Description** A SQL injection flaw exists in the file '/admin/campsdetails.php'. A remote attacker can exploit this by manipulating the `hospital` argument, allowing for unauthorized database queries. **Recommendations** As a temporary workaround, restrict access to the '/admin/campsdetails.php' file or avoid using the `hospital` argument until a fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online House Rental System version 1.0 **Description** A remote SQL injection exists in the '/ajax.php?action=login' endpoint. The issue occurs when the `Username` argument is manipulated, allowing an attacker to execute arbitrary SQL commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/ajax.php?action=login' endpoint or avoid using the `Username` parameter until a fix is available.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online House Rental System version 1.0 **Description** An issue exists in the `/manage tenant.php` file where the manipulation of the `ID` argument allows for SQL injection, a technique used to execute malicious SQL statements that can result in unauthorized access to or disclosure of data. This attack can be initiated remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online House Rental System version 1.0 **Description** An issue exists in the '/manage payment.php' file where the manipulation of the `ID` argument allows for SQL injection, a technique used to execute malicious SQL statements that can result in unauthorized access to or disclosure of data. This attack can be launched remotely. **Recommendations** Update itsourcecode Online House Rental System version 1.0 to a patched version. As a temporary workaround, restrict access to the '/manage payment.php' file to minimize the risk of exploitation.