Flower-Fertilizer

#16846 of 53,633
15.9 CVSS total
Vulnerabilities · 2
Medium · 1
Critical · 1

PT-2023-21291
6.1
2023-04-14
Unknown · Auto Dealer Management System · CVE-2023-27666
**Name of the Vulnerable Software and Affected Versions**
Auto Dealer Management System version 1.0

**Description**
The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the `name` parameter at the "/classes/SystemSettings.php?f=update settings" API endpoint.

**Recommendations**
For Auto Dealer Management System version 1.0, consider restricting access to the "/classes/SystemSettings.php?f=update settings" API endpoint to minimize the risk of exploitation. Avoid using the `name` parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2023-21292
9.8
2023-04-13
Unknown · Auto Dealer Management System · CVE-2023-27667
**Name of the Vulnerable Software and Affected Versions**
Auto Dealer Management System version 1.0

**Description**
The issue is related to a SQL injection vulnerability.

**Recommendations**
For Auto Dealer Management System version 1.0, update to a version that includes a fix for the SQL injection vulnerability, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.