Dimi4

**Name of the Vulnerable Software and Affected Versions** vsp stats processor version 0.45 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `gameID` parameter in the `/vsp-core/pub/themes/bismarck/gamestat.php` endpoint. **Recommendations** For version 0.45, consider restricting access to the `gamestat.php` file until a patch is available. As a temporary workaround, avoid using the `gameID` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Skalfa SkaLinks version 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the Admin name field to the default URI under "admin/". **Recommendations** For Skalfa SkaLinks version 1.5, update to a version that fixes this issue, if available. As a temporary workaround, consider restricting access to the admin panel to minimize the risk of exploitation. Avoid using the Admin name field in the affected URI until the issue is resolved.