Ansh Jain

**Name of the Vulnerable Software and Affected Versions** Wifi Soft Unibox Administration versions 3.0 through 3.1 **Description** The issue arises from the lack of validation or sanitization of user input in the `username` field of the login page, leading to SQL Injection. This allows attackers to inject malicious SQL code, potentially accessing or modifying sensitive data. **Recommendations** For versions 3.0 and 3.1, consider disabling the login functionality until a patch is available, or restrict access to the login page to minimize the risk of exploitation. Avoid using the `username` field in the login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.