Kai6300

**Name of the Vulnerable Software and Affected Versions** KiviCare versions prior to 4.3.1 **Description** An authentication bypass issue exists in the kivicare-clinic-management-system, which allows for password recovery exploitation by using an alternate path or channel. **Recommendations** Update to a version later than 4.3.0.

**Name of the Vulnerable Software and Affected Versions** Easy Form Builder versions prior to 4.0.7 **Description** Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before including it in a database query, enabling an attacker to infer information by observing the application's response to specific queries. **Recommendations** Update to a version newer than 4.0.6.