Do Truong Giang

**Name of the Vulnerable Software and Affected Versions** Contact Form to DB by BestWebSoft versions 1.7.2 and earlier **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation. Secure versions are available from 1.7.3 onwards. **Recommendations** For versions 1.7.2 and earlier, update to version 1.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database areas until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** WP TripAdvisor Review Slider versions n/a through 12.6 **Description** The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a 'SQL Injection' vulnerability. This allows Blind SQL Injection, which can be exploited by attackers. **Recommendations** For WP TripAdvisor Review Slider versions n/a through 12.6, update to a version later than 12.6 to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Auto Affiliate Links versions n/a through 6.4.3.1 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting malicious SQL code. **Recommendations** For versions n/a through 6.4.3.1, update to a version later than 6.4.3.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations until a patch is available. Avoid using user-supplied input in SQL commands without proper sanitization until the issue is resolved.