Zhuyi

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in an unknown functionality of the file `/fund/add fund.php`. Manipulation of the `ID` argument can trigger the issue, allowing for remote attacks. The exploit is publicly available. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in the `/maintenance/add maintenance cost.php` file due to the manipulation of the `ID` argument. Remote exploitation is possible. The exploit has been publicly disclosed and may be used. Recommendations: As a temporary workaround, consider restricting access to the `/maintenance/add maintenance cost.php` file until a fix is available. Sanitize the `ID` argument to prevent SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the `ID` argument in the processing of the `/owner utility/add owner utility.php` file. This can be exploited remotely. The exploit has been made public. Recommendations: As a temporary workaround, consider restricting access to the `/owner utility/add owner utility.php` file until a fix is available. Sanitize the `ID` argument before processing it in the `/owner utility/add owner utility.php` file.

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Apartment Management System 1.0. The vulnerability is located in an unknown functionality within the `/bill/add bill.php` file. Manipulation of the `ID` argument can lead to SQL injection, allowing for remote attacks. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A flaw has been found in the `/management/add m committee.php` file. Manipulation of the `ID` parameter can lead to SQL injection. The attack may be launched remotely. The exploit has been published and may be used. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the `ID` argument in the `/complain/addcomplain.php` file. The attack can be initiated remotely. The exploit has been publicly disclosed. Recommendations: Sanitize the `ID` argument in the `/complain/addcomplain.php` file to prevent SQL injection.

Name of the Vulnerable Software and Affected Versions: Online Medicine Guide version 1.0 Description: A SQL injection issue exists in Online Medicine Guide 1.0. The manipulation of the `Search` parameter in the `/browsemdcn.php` file allows for remote exploitation. The exploit for this issue has been publicly disclosed. Recommendations: Online Medicine Guide version 1.0: Sanitize or validate the `Search` parameter to prevent SQL injection attacks. As a temporary workaround, restrict access to the `/browsemdcn.php` file.

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A vulnerability exists in SourceCodester COVID 19 Testing Management System 1.0, affecting unknown code within the `/bwdates-report-result.php` file. Manipulation of the `fromdate` argument can lead to a SQL injection attack, which can be initiated remotely. The exploit for this issue has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System version 1.0. The manipulation of the `payment type` argument in the `/admin/operations/payment.php` file can lead to SQL injection. This issue is remotely exploitable and the exploit has been publicly disclosed. Recommendations: As a temporary workaround, restrict access to the `/admin/operations/payment.php` file to minimize the risk of exploitation. Sanitize the `payment type` argument to prevent SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the `mobilenumber` argument in the processing of the `/edit-phlebotomist.php` file. The attack can be initiated remotely, and the exploit has been publicly disclosed. Other parameters may also be affected. Recommendations: As a temporary workaround, consider restricting access to the `/edit-phlebotomist.php` file until a patch is available. Sanitize the `mobilenumber` input to prevent SQL injection attacks. Review the code for other potentially vulnerable parameters and apply appropriate input validation and sanitization techniques.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in the itsourcecode Online Tour and Travel Management System. The vulnerability is located in the `/admin/operations/currency.php` file, where manipulation of the `curr code` argument can lead to SQL injection. This attack can be initiated remotely. The exploit has been disclosed to the public. Recommendations: As a temporary workaround, consider restricting access to the `/admin/operations/currency.php` file until a fix is available. Sanitize the `curr code` argument to prevent SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists due to the improper processing of the file `/admin/operations/expense.php`. Manipulation of the `expense for` argument can lead to successful exploitation. The exploit has been publicly disclosed. Recommendations: As a temporary workaround, restrict access to the `/admin/operations/expense.php` file until a fix is available. Sanitize the `expense for` argument to prevent SQL injection attacks.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the `/admin/operations/expense category.php` file. Manipulation of the `expense name` argument can lead to SQL injection, allowing for remote exploitation. The exploit has been publicly disclosed. Recommendations: Sanitize the `expense name` argument to prevent SQL injection. Review the code within the `/admin/operations/expense category.php` file for potential SQL injection vulnerabilities.

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A SQL injection issue exists in an unknown functionality of the file `/profile.php`. Manipulation of the `mobilenumber` argument can lead to SQL injection, allowing for remote attacks. The exploit has been publicly disclosed and may be used. Other parameters might also be affected. Recommendations: As a temporary workaround, consider restricting access to the `/profile.php` file until a fix is available. Sanitize the `mobilenumber` parameter to prevent SQL injection attacks. Review and sanitize all other parameters used in the `/profile.php` file to identify and address potential SQL injection vulnerabilities.

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A vulnerability exists in SourceCodester COVID 19 Testing Management System 1.0, affecting an unknown functionality within the `/search-report-result.php` file. Manipulation of the `serachdata` argument can lead to SQL injection, potentially allowing for remote attacks. The exploit for this issue has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A vulnerability was identified in the system that allows for SQL injection. The issue affects an unknown part of the file `/test-details.php`. Manipulation of the `remark` argument can lead to successful exploitation, and the attack can be initiated remotely. The exploit has been disclosed to the public. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.