Am1Azi3Ngo

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the id parameter at the /admin.php/singer/admin/singer/del API endpoint. This allows for potential exploitation. **Recommendations** For version 4.2, avoid using the `id` parameter in the /admin.php/singer/admin/singer/del API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the CSCMS Music Portal System. This issue is related to the `id` parameter at the "/admin.php/Label/js del" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, avoid using the `id` parameter in the "/admin.php/Label/js del" API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the id parameter at the /admin.php/User/level sort API endpoint. This allows for potential exploitation. **Recommendations** For version 4.2, avoid using the `id` parameter in the /admin.php/User/level sort API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was discovered in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/singer/admin/lists/zhuan" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/singer/admin/lists/zhuan" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/user/level del" API endpoint. This allows for potential exploitation. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/user/level del" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was discovered in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/singer/admin/singer/hy" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/singer/admin/singer/hy" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `id` parameter at the "/admin.php/pic/admin/pic/del" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/pic/admin/pic/del" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the id parameter at the /admin.php/pic/admin/type/save API endpoint. **Recommendations** For version 4.2, avoid using the `id` parameter in the /admin.php/pic/admin/type/save API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System via the `id` parameter at the "/admin.php/news/admin/news/save" API endpoint. This allows for potential exploitation of the system. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/news/admin/news/save" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/pic/admin/type/hy" endpoint. This allows for potential SQL injection attacks. **Recommendations** For CSCMS Music Portal System version 4.2, avoid using the `id` parameter in the "/admin.php/pic/admin/type/hy" endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System. The vulnerability can be exploited via the `id` parameter at the "/admin.php/pic/admin/type/pl save" API endpoint. **Recommendations** For version 4.2, avoid using the `id` parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "/admin.php/pic/admin/type/pl save" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System via the `id` parameter at the "/admin.php/news/admin/topic/save" API endpoint. This allows for potential exploitation. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the `/admin.php/news/admin/topic/save` API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System via the `id` parameter at the "/admin.php/pic/admin/lists/zhuan" endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the `/admin.php/pic/admin/lists/zhuan` endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the "/admin.php/pic/admin/pic/hy" API endpoint by restoring deleted photos. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/pic/admin/pic/hy" API endpoint until a patch is available. Avoid restoring deleted photos via this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System via the `id` parameter at the "/admin.php/news/admin/lists/zhuan" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the `/admin.php/news/admin/lists/zhuan` API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the CSCMS Music Portal System. The vulnerability is exploited via the `id` parameter at the "/admin.php/pic/admin/type/del" API endpoint. **Recommendations** For CSCMS Music Portal System version 4.2, consider restricting access to the "/admin.php/pic/admin/type/del" API endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A SQL injection issue was found in the id parameter at the /admin.php/pic/admin/lists/zhuan API endpoint. This allows for potential exploitation. **Recommendations** For version 4.2, avoid using the `id` parameter in the /admin.php/pic/admin/lists/zhuan API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/user/zu del" API endpoint. This allows for potential exploitation. **Recommendations** For CSCMS Music Portal System version 4.2, as a temporary workaround, consider restricting access to the "/admin.php/user/zu del" API endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the CSCMS Music Portal System. The issue is related to the `id` parameter at the "/admin.php/Links/del" API endpoint. This allows for potential exploitation. **Recommendations** For CSCMS Music Portal System version 4.2, avoid using the `id` parameter in the "/admin.php/Links/del" API endpoint until a fix is available. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSCMS Music Portal System version 4.2 **Description** A blind SQL injection issue was found in the id parameter at the /admin.php/vod/admin/topic/del API endpoint. This allows for potential exploitation. **Recommendations** For version 4.2, avoid using the `id` parameter in the /admin.php/vod/admin/topic/del API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.