Hanyu Luo

**Name of the Vulnerable Software and Affected Versions** Campcodes Retro Basketball Shoes Online Store version 1.0 **Description** A flaw exists in Campcodes Retro Basketball Shoes Online Store 1.0 related to the file `/admin/admin index.php`. Manipulation of the `Username` argument can lead to a SQL injection. The attack can be launched remotely. The exploit is publicly available. **Recommendations** Apply a fix to address the SQL injection issue in the `/admin/admin index.php` file. As a temporary workaround, restrict access to the `/admin/admin index.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Campcodes Retro Basketball Shoes Online Store version 1.0 **Description** A security flaw exists in Campcodes Retro Basketball Shoes Online Store version 1.0. The issue affects an unknown part of the file `/admin/admin feature.php`. Manipulation of the `pid` argument can lead to SQL injection. The attack can be initiated remotely. The exploit has been released publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Campcodes Retro Basketball Shoes Online Store version 1.0 **Description** A weakness exists in Campcodes Retro Basketball Shoes Online Store 1.0. The issue affects unknown code within the `/admin/admin product.ph` file. Manipulation of the `pid` argument can lead to SQL injection. The attack can be launched remotely. The exploit has been made publicly available. **Recommendations** For Campcodes Retro Basketball Shoes Online Store version 1.0, address the SQL injection issue by sanitizing or validating the `pid` argument before using it in database queries. As a temporary workaround, restrict access to the `/admin/admin product.ph` file.

**Name of the Vulnerable Software and Affected Versions** Campcodes Retro Basketball Shoes Online Store version 1.0 **Description** A security issue has been identified in Campcodes Retro Basketball Shoes Online Store version 1.0. The issue involves the processing of the file `/admin/admin football.php`. Manipulation of the `pid` argument can lead to a SQL injection. Remote exploitation is possible, and the exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.