Mickael Brouty

**Name of the Vulnerable Software and Affected Versions** Yeswiki Cercopitheque versions 2018-06-19-1 and earlier **Description** The issue allows attackers to execute arbitrary SQL commands via the `id` parameter in the "Bazar" page. This enables unauthorized access and manipulation of database content. **Recommendations** For versions 2018-06-19-1 and earlier, as a temporary workaround, consider restricting access to the "Bazar" page until a patch is available. Avoid using the `id` parameter in the affected page to minimize the risk of exploitation.