Junyuchen

**Name of the Vulnerable Software and Affected Versions** Wedding Planner version 1.0 **Description** A SQL injection issue was found in Wedding Planner via the `id` parameter at the "/wedding details.php" endpoint. **Recommendations** For Wedding Planner version 1.0, consider restricting access to the "/wedding details.php" endpoint until a patch is available, and avoid using the `id` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wedding Planner version 1.0 **Description** A SQL injection issue was found in Wedding Planner via the `booking` parameter at the "/admin/client edit.php" API endpoint. This allows for potential exploitation. **Recommendations** For Wedding Planner version 1.0, consider restricting access to the "/admin/client edit.php" endpoint until a fix is available, and avoid using the `booking` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wedding Planner version 1.0 **Description** A SQL injection issue was found in Wedding Planner via the `id` parameter at the "/package detail.php" endpoint. This allows for potential exploitation of the database. **Recommendations** For Wedding Planner version 1.0, consider restricting access to the "/package detail.php" endpoint until a patch is available. As a temporary workaround, avoid using the `id` parameter in this endpoint to minimize the risk of exploitation.