#php

phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php.

elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php.

elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php.

elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php.

elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type.

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_report.

Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident.

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125