Shivx

**Name of the Vulnerable Software and Affected Versions** Advanced Webhost Billing System (AWBS) versions 2.9.2 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `oid` parameter in an "add other" action in the cart.php file. **Recommendations** For Advanced Webhost Billing System (AWBS) versions 2.9.2 and earlier, consider restricting access to the cart.php file until a patch is available. As a temporary workaround, avoid using the `oid` parameter in the "add other" action to minimize the risk of exploitation.