Bwnz

**Name of the Vulnerable Software and Affected Versions** Sourcecodetester Printable Staff ID Card Creator System version 1.0 **Description** The issue allows an attacker to compromise the database via SQL injection, then log in and leverage an arbitrary file upload vulnerability to obtain remote code execution. **Recommendations** For Sourcecodetester Printable Staff ID Card Creator System version 1.0, consider disabling the file upload feature until a patch is available to prevent remote code execution. Restrict access to the database to minimize the risk of SQL injection. Avoid using the system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.