Unknown · Art Gallery Management System · CVE-2023-37771
**Name of the Vulnerable Software and Affected Versions**
Art Gallery Management System version 1.0
**Description**
The issue is a SQL injection vulnerability. It occurs via the `cid` parameter at the "/agms/product.php" API endpoint.
**Recommendations**
For Art Gallery Management System version 1.0, consider restricting access to the "/agms/product.php" endpoint until a patch is available, and avoid using the `cid` parameter in this endpoint to minimize the risk of exploitation.