Zyyyy

Name of the Vulnerable Software and Affected Versions halex CourseSEL versions up to 1.1.0 Description A security issue exists in halex CourseSEL. The `check sel` function within the `Apps/Index/Controller/IndexController.class.php` file, specifically the HTTP GET Parameter Handler, is susceptible to SQL injection through manipulation of the `seid` parameter. This attack can be initiated remotely. The exploit has been publicly disclosed. Recommendations Update to a version beyond 1.1.0.

Name of the Vulnerable Software and Affected Versions SourceCodester/mayuri k Best Courier Management System version 1.0 Description A flaw exists in the User Delete Handler component of SourceCodester/mayuri k Best Courier Management System 1.0. Manipulation of the `ID` argument in the '/ajax.php?action=delete user' endpoint can lead to improper access controls. This issue can be exploited remotely. The exploit has been made public. Recommendations Update to a newer version that contains a fix for this vulnerability.