Lanpwa

**Name of the Vulnerable Software and Affected Versions** Lost and Found Thing Management version 1.0 **Description** An issue exists in the '/catageory.php' file where manipulation of the `cat` argument allows for remote SQL injection, a technique used to interfere with the queries that an application makes to its database. **Recommendations** As a temporary workaround, avoid using the `cat` parameter in the '/catageory.php' endpoint until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lost and Found Thing Management version 1.0 **Description** A security flaw in the '/addcat.php' file allows for remote SQL injection. This occurs when the `cata` argument is manipulated, enabling an attacker to interfere with the database queries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.