Vyc0D

**Name of the Vulnerable Software and Affected Versions** eNdonesia version 8.4 **Description** A SQL injection issue exists in the Publisher module, allowing remote attackers to execute arbitrary SQL commands. This is achieved via the `artid` parameter in a `printarticle` action to `mod.php`. **Recommendations** For eNdonesia version 8.4, avoid using the `artid` parameter in the `printarticle` action to `mod.php` until a fix is available. As a temporary workaround, consider restricting access to the Publisher module to minimize the risk of exploitation.