
Kingcoues

#18619 of 53,634
14.4 Total CVSS
Vulnerabilities · 2
High
2
PT-2022-25921
7.2
2022-10-14
Unknown · Open Source Sacco Management System · CVE-2022-41535
**Name of the Vulnerable Software and Affected Versions**
Open Source SACCO Management System version 1.0

**Description**
A SQL injection issue was found in the `id` parameter at the `/sacco shield/manage borrower.php` API endpoint.

**Recommendations**
For Open Source SACCO Management System version 1.0, avoid using the `id` parameter in the `/sacco shield/manage borrower.php` API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2022-25922
7.2
2022-10-14
Unknown · Open Source Sacco Management System · CVE-2022-41536
**Name of the Vulnerable Software and Affected Versions**
Open Source SACCO Management System version 1.0

**Description**
A SQL injection issue was found in the `id` parameter at the `/sacco shield/manage user.php` API endpoint. This allows for potential exploitation by injecting malicious SQL code.

**Recommendations**
For Open Source SACCO Management System version 1.0, avoid using the `id` parameter in the `/sacco shield/manage user.php` endpoint until the issue is resolved. Consider implementing input validation and sanitization for the `id` parameter to prevent SQL injection attacks.