Its My

**Name of the Vulnerable Software and Affected Versions** Simpleboard (com simpleboard) version 1.0.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `catid` parameter in a view action in the index.php file. **Recommendations** For version 1.0.3, avoid using the `catid` parameter in the affected API endpoint until the issue is resolved. Consider restricting access to the index.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** osCommerce Online Merchant versions 2.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `testimonial id` parameter in the customer testimonials.php file of the Customer Testimonials 3 and 3.1 Addon. **Recommendations** For osCommerce Online Merchant version 2.2, consider restricting access to the customer testimonials.php file until a patch is available. Avoid using the `testimonial id` parameter in the affected file to minimize the risk of exploitation.