Lulucat

**Name of the Vulnerable Software and Affected Versions** itsourcecode Inventory Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode Inventory Management System. The issue is triggered by manipulating the `PROID` argument in the `/index.php?q=product` endpoint. This allows for remote exploitation. The exploit has been publicly released. **Recommendations** Apply any available updates or patches for itsourcecode Inventory Management System version 1.0. As a temporary workaround, restrict or carefully validate the `PROID` parameter in the `/index.php?q=product` endpoint.