Zzb1

**Name of the Vulnerable Software and Affected Versions** code-projects Online Ordering System version 1.0 **Description** A security issue exists in code-projects Online Ordering System 1.0. The vulnerability involves the manipulation of the `Username` argument, leading to SQL injection. This affects an unknown function within the `/admin/` file of the Admin Login component. The attack can be launched remotely, and details about the exploit have been publicly disclosed. **Recommendations** Apply any available updates to address the SQL injection issue in the Admin Login component. As a temporary workaround, restrict access to the `/admin/` file to minimize the risk of exploitation. Sanitize the `Username` input to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Simple Shopping Cart version 1.0 **Description** A flaw exists in the processing of the `/Admin/additems.php` file within Simple Shopping Cart. Manipulation of the `item name` argument can lead to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** Apply appropriate sanitization and validation to the `item name` parameter in the `/Admin/additems.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Ordering System version 1.0 **Description** A flaw exists in code-projects Online Ordering System 1.0. The issue is related to the manipulation of the `Name` argument in the file `/user contact.php`, leading to a SQL injection condition. This can be initiated remotely. The exploit is publicly available. **Recommendations** Apply a fix to address the SQL injection issue in the `/user contact.php` file.

**Name of the Vulnerable Software and Affected Versions** code-projects Online Ordering System version 1.0 **Description** A security flaw exists in code-projects Online Ordering System 1.0. The issue involves SQL injection due to manipulation of the `product id` argument within an unknown function of the `/user school.php` file. This attack can be performed remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Simple Shopping Cart version 1.0 **Description** A flaw exists in code-projects Simple Shopping Cart version 1.0 that allows for remote SQL injection. The issue is located in the file '/adminlogin.php', specifically through manipulation of the `admin username` argument within an unknown function. The exploit for this issue is publicly available. **Recommendations** Apply any available updates or patches for code-projects Simple Shopping Cart version 1.0. As a temporary workaround, restrict access to the '/adminlogin.php' file. Sanitize the `admin username` input to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Simple Shopping Cart version 1.0 **Description** A flaw exists in Simple Shopping Cart 1.0 that allows for SQL injection. The issue is located in the `/Customers/settings.php` file, specifically when manipulating the `user id` argument. Remote exploitation is possible, and details about the exploit have been publicly released. **Recommendations** Apply a fix to address the SQL injection issue in the `/Customers/settings.php` file related to the `user id` parameter.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A SQL injection issue exists in Campcodes Grocery Sales and Inventory System 1.0. Manipulation of the `ID` argument in the `/ajax.php?action=save category` API endpoint can lead to SQL injection. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=save category` API endpoint until a fix is available. Sanitize the `ID` variable before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A SQL injection issue exists in Campcodes Grocery Sales and Inventory System 1.0. Manipulation of the `ID` argument in the `/ajax.php?action=delete receiving` API endpoint can lead to SQL injection. The exploit has been publicly disclosed and may be utilized. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=delete receiving` API endpoint until a fix is available. Sanitize the `ID` parameter before using it in SQL queries.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A flaw has been found in Campcodes Grocery Sales and Inventory System 1.0. The manipulation of the `ID` argument in the `/ajax.php?action=save product` file causes SQL injection. Remote exploitation of the issue is possible. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=save product` file until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A cross site scripting issue exists in Campcodes Grocery Sales and Inventory System 1.0. The `page` argument in the `/index.php?page=users` file is susceptible to manipulation, potentially allowing for remote attacks. The exploit is publicly available. **Recommendations** As a temporary workaround, restrict access to the `/index.php?page=users` file until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A vulnerability exists in Campcodes Grocery Sales and Inventory System 1.0. The issue is related to SQL injection within an unknown function of the file `/ajax.php?action=delete category`. Manipulation of the `ID` argument can trigger the injection. The attack can be carried out remotely, and the exploit has been made public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A security flaw has been discovered that allows for SQL injection. The vulnerability exists in an unknown function within the `/ajax.php?action=delete product` file. Manipulation of the `ID` argument enables remote exploitation. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A vulnerability exists in Campcodes Grocery Sales and Inventory System that allows for SQL injection. The issue is located in the `/ajax.php?action=delete customer` file, specifically through manipulation of the `ID` argument. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=delete customer` file until a fix is available. Sanitize the `ID` parameter before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A SQL injection issue exists in Campcodes Grocery Sales and Inventory System. The issue is located in an unknown function of the file `/ajax.php?action=save customer`. Manipulation of the `ID` argument can trigger the vulnerability. The issue is remotely exploitable and the exploit has been made public. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=save customer` file until a fix is available. Sanitize the `ID` argument to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A SQL injection issue exists in Campcodes Grocery Sales and Inventory System version 1.0. The issue is related to the manipulation of the `ID` argument within the `/ajax.php?action=save supplier` file. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=save supplier` file until a fix is available. Sanitize the `ID` argument before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** Campcodes Grocery Sales and Inventory System version 1.0 **Description** A vulnerability exists in Campcodes Grocery Sales and Inventory System that allows for SQL injection. The issue is located in the `/ajax.php?action=delete supplier` file, where manipulation of the `ID` argument can lead to exploitation. This attack can be initiated remotely. The exploit is publicly available. **Recommendations** As a temporary workaround, consider restricting access to the `/ajax.php?action=delete supplier` file until a fix is available. Sanitize the `ID` argument before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** Campcodes Sales and Inventory System version 1.0 **Description** A flaw has been found in Campcodes Sales and Inventory System 1.0. Manipulation of the `page` argument in the `/index.php` file can lead to cross-site scripting. The attack may be launched remotely. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Sales and Inventory System version 1.0 **Description** A security issue exists in Campcodes Sales and Inventory System 1.0. Manipulation of the `page` argument in the `/index.php` file can lead to cross-site scripting. This attack can be launched remotely, and the exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/index.php` file to minimize the risk of exploitation. Sanitize the `page` argument within the `/index.php` file to prevent the injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Sports Management System version 1.0 **Description** A SQL injection issue exists due to the manipulation of the `code` argument. This can be exploited remotely via the `/Admin/sporttype.php` file and an unknown function. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Apartment Management System version 1.0 **Description** A security issue exists in itsourcecode Apartment Management System 1.0 related to SQL injection. The issue affects the processing of the file `/e dashboard/e all info.php`. Manipulation of the `mid` argument can lead to SQL injection, and the attack can be executed remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.