Broccolitos

**Name of the Vulnerable Software and Affected Versions** SLIMS version 9.6.1 **Description** The issue allows a remote attacker to escalate privileges. This is achieved via the `month` parameter in the "visitor report day.php" component. **Recommendations** For SLIMS version 9.6.1, consider restricting access to the `visitor report day.php` component until a patch is available. As a temporary workaround, avoid using the `month` parameter in the affected component to minimize the risk of exploitation.