Janikwehrli

**Name of the Vulnerable Software and Affected Versions** Sourcecodester E-Negosyo System version 1.0 **Description** An SQL Injection issue exists via the `user email` parameter in the "/admin/login.php" API endpoint. This allows for potential exploitation. **Recommendations** For Sourcecodester E-Negosyo System version 1.0, consider restricting access to the "/admin/login.php" endpoint until a patch is available, and avoid using the `user email` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.