S.W.T

**Name of the Vulnerable Software and Affected Versions** PsNews version 1.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter to API endpoints such as "ndetail.php" and "print.php". **Recommendations** For PsNews version 1.3, consider restricting access to the `id` parameter in the affected API endpoints "ndetail.php" and "print.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.