Eskolar · Eskolar Cms · CVE-2006-3727
**Name of the Vulnerable Software and Affected Versions**
Eskolar CMS version 0.9.0.0
**Description**
Multiple SQL injection flaws allow remote attackers to execute arbitrary SQL commands. The injection points are several request parameters in different files, including `gr_1_id`, `gr_2_id`, `gr_3_id`, and `doc_id` in `index.php`, and `uid` and `pwd` in `php/esa.php`. Other potential vectors are related to files in `php/lib/`, such as `del.php`, `download_backup.php`, `navig.php`, `restore.php`, `set_12.php`, `set_14.php`, and `upd_doc.php`.
**Recommendations**
For Eskolar CMS version 0.9.0.0, consider restricting access to the vulnerable parameters `gr_1_id`, `gr_2_id`, `gr_3_id`, `doc_id`, `uid`, and `pwd` until a patch is available. Additionally, restrict access to the scripts in `php/lib/` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
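The description above covers the bug class (request parameters such as `doc_id`, `uid` and `pwd` reaching SQL unescaped), and the recommendations cover only an interim workaround. As an added illustration, the following PHP shows that bug class beside the fix that a patch would need: type validation plus parameterized queries via PDO, and a login check that never compares passwords inside SQL. This is example code, not Eskolar CMS code and not taken from the advisory; the parameter names `doc_id`, `uid` and `pwd` come from the page, while the table and column names, the function names and the SQLite sample data are assumptions.

```php
<?php
// Added example, not Eskolar CMS code. Parameter names doc_id/uid/pwd are from
// the advisory; table names, column names and sample data are assumptions.
declare(strict_types=1);

/**
 * Vulnerable pattern (the class of bug the advisory describes): the raw
 * query-string value is concatenated straight into the SQL text.
 * Kept only for contrast; do not use.
 */
function fetchDocumentUnsafe(PDO $db, array $get): ?array
{
    $sql = "SELECT id, title, body FROM documents WHERE id = " . ($get['doc_id'] ?? '');
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/**
 * Hardened form: enforce the expected type first, then bind the value as a
 * typed parameter so the database never parses user input as SQL.
 */
function fetchDocument(PDO $db, array $get): ?array
{
    // doc_id must be a positive integer; anything else is rejected before any query runs.
    $docId = filter_var($get['doc_id'] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    if ($docId === false) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, title, body FROM documents WHERE id = :id');
    $stmt->bindValue(':id', $docId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/**
 * Login check for uid/pwd: bind the user name as a string parameter and
 * verify the password in PHP against a stored hash, never in the WHERE clause.
 */
function authenticate(PDO $db, string $uid, string $pwd): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE login = :uid');
    $stmt->bindValue(':uid', $uid, PDO::PARAM_STR);
    $stmt->execute();
    $hash = $stmt->fetchColumn(); // false when no such user
    // password_verify is constant-time; an unknown user simply yields false.
    return $hash !== false && password_verify($pwd, $hash);
}

// Demo against an in-memory SQLite database populated with constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // use real server-side prepares
$db->exec('CREATE TABLE documents (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO documents VALUES (1, 'Welcome', 'Hello')");
$db->exec('CREATE TABLE users (login TEXT PRIMARY KEY, password_hash TEXT)');
$ins = $db->prepare('INSERT INTO users VALUES (:u, :h)');
$ins->execute([':u' => 'alice', ':h' => password_hash('correct horse', PASSWORD_DEFAULT)]);

// A well-formed id is served; a non-integer doc_id is rejected by validation
// rather than being interpreted by the database.
var_dump(fetchDocument($db, ['doc_id' => '1']));
var_dump(fetchDocument($db, ['doc_id' => '1 OR 1=1']));

// Only the correct password for an existing user succeeds; the uid is bound,
// so quote characters in it cannot alter the query.
var_dump(authenticate($db, 'alice', 'correct horse'));
var_dump(authenticate($db, "alice'", 'anything'));
```

Run it with the PHP CLI (`php example.php`); it needs only the bundled PDO SQLite driver. The first lookup returns the sample row and the second returns `NULL`, and only the first login attempt returns `true`. The same two measures, a type check followed by a bound parameter, apply equally to the `gr_1_id`, `gr_2_id` and `gr_3_id` parameters named in the description.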