Secret

**Name of the Vulnerable Software and Affected Versions** xt:Commerce Gambio version 2008 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `products id` parameter in the product reviews info.php file. **Recommendations** For xt:Commerce Gambio version 2008, consider restricting access to the product reviews info.php file until a patch is available, and avoid using the `products id` parameter in this context to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** APBoard versions 2.1.0 and earlier **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `id` parameter in the "board/board.php" file. **Recommendations** For APBoard versions 2.1.0 and earlier, consider restricting access to the `id` parameter in the "board/board.php" file until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected API endpoint until the issue is resolved.