Venkat Rajgor

**Name of the Vulnerable Software and Affected Versions** PHPSUGAR PHP Melody CMS version 2.6.1 **Description** SQL Injection exists in the system, allowing unauthorized access to database information. The issue is specifically related to the `playlist` parameter in the "playlists.php" endpoint. **Recommendations** For PHPSUGAR PHP Melody CMS version 2.6.1, consider restricting access to the "playlists.php" endpoint until a patch is available, and avoid using the `playlist` parameter to minimize the risk of exploitation.