Asl-Sabia

**Name of the Vulnerable Software and Affected Versions** Webradev Download Protect version 1.0 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `RootPath` parameter to specific PHP files, including `Framework/EmailTemplates.class.php`, `Customers/PDPEmailReplaceConstants.class.php`, and `Admin/ResellersManager.class.php` in the `includes/DProtect/` directory. **Recommendations** For Webradev Download Protect version 1.0, consider restricting access to the `includes/DProtect/` directory and the `RootPath` parameter to minimize the risk of exploitation. Avoid using the `RootPath` parameter in the affected API endpoints until the issue is resolved.