Youpeng Li

**Name of the Vulnerable Software and Affected Versions** SourceCodester Simple Responsive Tourism Website version 1.0 **Description** A flaw exists in SourceCodester Simple Responsive Tourism Website that allows for SQL injection. This issue is related to the manipulation of the `Username` argument within the `/classes/Master.php?f=register` file during the registration process. The attack can be initiated remotely. An exploit for this issue has been published. **Recommendations** Apply any available updates or patches to address the SQL injection issue in the `/classes/Master.php?f=register` file. As a temporary workaround, restrict or disable the registration functionality until a patch is available. Sanitize the `Username` input to prevent SQL injection attacks.