Mint60

**Name of the Vulnerable Software and Affected Versions** PHPSHE version 1.7 **Description** The issue is related to SQL injection via the "admin.php?mod=user&userlevel id=1" API endpoint, specifically through the `userlevel id[]` parameter. This allows for potential exploitation. **Recommendations** For PHPSHE version 1.7, consider restricting access to the "admin.php?mod=user&userlevel id=1" API endpoint until a patch is available. As a temporary workaround, avoid using the `userlevel id[]` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.