Lo$T

**Name of the Vulnerable Software and Affected Versions** JTL-Shop version 2 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `s` parameter in the `druckansicht.php` file. **Recommendations** For JTL-Shop version 2, avoid using the `s` parameter in the `druckansicht.php` file until a patch is available. As a temporary workaround, consider restricting access to the `druckansicht.php` file to minimize the risk of exploitation.