Unknown · Itsourcecode Farm Management System · CVE-2024-10759
**Name of the Vulnerable Software and Affected Versions**
itsourcecode Farm Management System version 1.0
**Description**
A critical vulnerability has been found in the itsourcecode Farm Management System, affecting an unknown part of the file `/edit-pig.php`. Manipulating the arguments `pigno`, `weight`, `arrived`, `breed`, `remark`, and `status` leads to SQL injection. The attack can be initiated remotely. Although the initial researcher advisory mentions only the parameter `pigno` as affected, it is assumed that the other parameters are also affected.
**Recommendations**
As a temporary workaround, consider restricting access to the `/edit-pig.php` file until a patch is available. Avoid using the parameters `pigno`, `weight`, `arrived`, `breed`, `remark`, and `status` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
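
For operators who maintain their own copy of the application, the following added example (not code from the Farm Management System or from the advisory) sketches a hardened update handler for the six parameters named above, using allow-list validation and a PDO prepared statement. The table name `pigs`, the column names, the validation patterns, the allowed `status` values and the in-memory SQLite database are all assumptions made so that the example runs on its own.

```php
<?php
declare(strict_types=1);

// Hypothetical allow-list rules for the six parameters named in the advisory.
const PIG_RULES = [
    'pigno'   => '/^[A-Za-z0-9-]{1,20}\z/',
    'weight'  => '/^\d{1,4}(\.\d{1,2})?\z/',
    'arrived' => '/^\d{4}-\d{2}-\d{2}\z/',
    'breed'   => '/^[\p{L}0-9 .\'-]{1,50}\z/u',
    'remark'  => '/^[^\x00-\x08\x0B\x0C\x0E-\x1F]{0,500}\z/u',
    'status'  => '/^(active|sold|dead)\z/',   // assumed status values
];

function validate_pig_input(array $in): array
{
    $clean = [];
    foreach (PIG_RULES as $name => $pattern) {
        $value = $in[$name] ?? null;
        // is_string() also rejects array-typed parameters such as pigno[]=x
        if (!is_string($value) || preg_match($pattern, $value) !== 1) {
            throw new InvalidArgumentException("invalid parameter: $name");
        }
        $clean[$name] = $value;
    }
    return $clean;
}

function update_pig(PDO $db, array $in): int
{
    $p = validate_pig_input($in);
    // Placeholders keep every value out of the SQL text; validation is defence in depth.
    $stmt = $db->prepare(
        'UPDATE pigs SET weight = :weight, arrived = :arrived, breed = :breed,
                remark = :remark, status = :status WHERE pigno = :pigno'
    );
    $stmt->execute($p);
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (assumed schema).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE pigs (pigno TEXT PRIMARY KEY, weight REAL, arrived TEXT, breed TEXT, remark TEXT, status TEXT)');
$db->exec("INSERT INTO pigs VALUES ('P-001', 80, '2024-01-05', 'Duroc', '', 'active')");
$ok = ['pigno' => 'P-001', 'weight' => '92.5', 'arrived' => '2024-01-05',
       'breed' => 'Duroc', 'remark' => "owner's note: it's healthy", 'status' => 'active'];
echo update_pig($db, $ok), " row(s) updated\n";
try {
    update_pig($db, ['pigno' => "P-001' OR '1'='1"] + $ok);   // constructed quote-bearing value
} catch (InvalidArgumentException $e) { echo 'rejected: ', $e->getMessage(), "\n"; }
```

The `remark` value containing apostrophes is stored unchanged because it is bound as data, while the quote-bearing `pigno` is refused before any query is prepared.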