Lê Quốc Bảo

**Name of the Vulnerable Software and Affected Versions** Listeo-Core versions through 1.9.32 **Description** Listeo-Core is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential SQL Injection attacks. **Recommendations** Listeo-Core versions prior to 1.9.32 should be updated.

**Name of the Vulnerable Software and Affected Versions** YaySMTP versions n/a through 1.3 **Description** YaySMTP is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This issue could allow for unauthorized database access or modification. **Recommendations** Versions prior to 1.4 are affected.

**Name of the Vulnerable Software and Affected Versions** YayCommerce YayExtra versions through 1.5.5 **Description** YayCommerce YayExtra is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for potential manipulation of database queries. **Recommendations** Update YayCommerce YayExtra to a version beyond 1.5.5.

**Name of the Vulnerable Software and Affected Versions** YaySMTP versions n/a through 1.5 **Description** YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. **Recommendations** Versions prior to 1.6 are affected.

**Name of the Vulnerable Software and Affected Versions** YayCommerce SMTP for Amazon SES versions n/a through 1.9 **Description** A SQL Injection issue exists in YayCommerce SMTP for Amazon SES. The vulnerability is due to improper neutralization of special elements used in an SQL command. **Recommendations** Update YayCommerce SMTP for Amazon SES to a version later than 1.9.