Catherines77

**Name of the Vulnerable Software and Affected Versions** yshopmall versions prior to 1.9.0 **Description** The issue is related to SQL Injection in the image listing interface. **Recommendations** For versions prior to 1.9.0, update to version 1.9.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** sayski ForestBlog version 20241223 **Description** The issue allows a remote attacker to escalate privileges via the article editing function. This is related to a Cross Site Scripting problem. **Recommendations** For sayski ForestBlog version 20241223, consider disabling the article editing function until a patch is available. Restrict access to the editing module to minimize the risk of exploitation.