Fgekspogap

**Name of the Vulnerable Software and Affected Versions** itsourcecode Online Pet Shop Management System version 1.0 **Description** A flaw exists in itsourcecode Online Pet Shop Management System version 1.0. The issue resides in unknown code within the `/pet1/addcnp.php` file. Manipulation of the `cnpname` argument can lead to SQL injection. This attack can be initiated remotely, and an exploit has been publicly released. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/pet1/addcnp.php` file. Avoid using the `cnpname` parameter in the affected API endpoint until the issue is resolved.