Lizihan

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Art Gallery Shop version 1.0 **Description** A flaw in the file '/admin/adminHome.php' allows for remote SQL injection. This occurs through the manipulation of the `social linked` argument. SQL injection is a technique where an attacker inserts malicious SQL code into a query, potentially allowing them to read or modify database data. **Recommendations** As a temporary workaround, restrict access to the file '/admin/adminHome.php' or avoid using the `social linked` argument until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.