Admif

**Name of the Vulnerable Software and Affected Versions** SourceCodester Company Website CMS version 1.0 **Description** A SQL injection issue exists due to the manipulation of the `email` argument in the '/admin/reset-password.php' file. This allows for remote attacks. The exploit has been publicly released. **Recommendations** Apply a fix to address the SQL injection issue in the '/admin/reset-password.php' file. Sanitize the `email` parameter to prevent SQL injection attacks. As a temporary workaround, restrict access to the '/admin/reset-password.php' file.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Company Website CMS version 1.0 **Description** A flaw exists in SourceCodester Company Website CMS 1.0 that allows for SQL injection through manipulation of the `Username` argument in the file '/admin/index.php'. This allows for remote exploitation and the exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.