ctg503/bug_report

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login.

An arbitrary file upload vulnerability in /admin/ajax.php?action=save_uploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms//classes/Master.php?f=delete_activity.