Phpok · Phpok · CVE-2023-29881
**Name of the Vulnerable Software and Affected Versions**
phpok version 6.4.003
**Description**
The issue is an SQL injection in the `index_f()` function located in `phpok64/framework/api/call_control.php`.
**Recommendations**
For phpok version 6.4.003, consider disabling the `index_f()` function as a temporary workaround until a patch is available. Restrict access to the `call_control.php` module to minimize the risk of exploitation. Avoid using vulnerable parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.