Sparc

**Name of the Vulnerable Software and Affected Versions** FileRun versions 2017.09.18 and below **Description** The issue arises from a failure to sanitize input in the `metafield` parameter inside the metasearch module, which is located under the search function. This leads to a remote SQL injection issue. **Recommendations** For versions 2017.09.18 and below, consider restricting access to the metasearch module until a fix is available. As a temporary workaround, avoid using the `metafield` parameter in the search function to minimize the risk of exploitation.