Dear Ev!L

Name of the Vulnerable Software and Affected Versions: Social Site Generator versions 2.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in three parameters: `sgc id` in the "display blog.php" endpoint, `scm mem id` in the "social my profile download.php" endpoint, and `catid` in the "social forum subcategories.php" endpoint. Recommendations: For Social Site Generator version 2.0, as a temporary workaround, consider restricting access to the `display blog.php`, `social my profile download.php`, and `social forum subcategories.php` endpoints until a patch is available. Avoid using the `sgc id`, `scm mem id`, and `catid` parameters in these endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.