Player

**Name of the Vulnerable Software and Affected Versions** VS PANEL version 7.3.6 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `Cat ID` parameter in the showcat.php file. **Recommendations** For VS PANEL version 7.3.6, consider restricting access to the showcat.php file or avoiding the use of the `Cat ID` parameter until a fix is available.

**Name of the Vulnerable Software and Affected Versions** CRE Loaded version 6.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `products id` parameter in the "product info.php" file. **Recommendations** For CRE Loaded version 6.2, consider restricting access to the `product info.php` file or validating and sanitizing the `products id` parameter to prevent SQL injection attacks. As a temporary workaround, avoid using the `products id` parameter in the affected file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Quick.Cms.Lite version 0.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "index.php" file. **Recommendations** For Quick.Cms.Lite version 0.5, consider restricting access to the `id` parameter in the "index.php" file to minimize the risk of exploitation.