Roxlukas

**Name of the Vulnerable Software and Affected Versions** roxlukas LMeve versions up to 0.1.58 **Description** A critical issue affects the function `insert log` of the file `wwwroot/ccpwgl/proxy.php`. The manipulation of the argument `fetch` leads to SQL injection. **Recommendations** For versions up to 0.1.58, upgrade to version 0.1.59-beta to address this issue. As a temporary workaround, consider restricting access to the `insert log` function in the `proxy.php` file until the upgrade is applied.