Palyo34

**Name of the Vulnerable Software and Affected Versions** Joomla! component StaticXT (com staticxt) (affected versions not specified) **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `id` parameter in the "index.php" endpoint. **Recommendations** For the affected version of the StaticXT component, consider restricting access to the "index.php" endpoint until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XOOPS version 2.0.18 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the `id` parameter in the detail.php file of the Dictionary module. **Recommendations** For XOOPS version 2.0.18, consider restricting access to the detail.php file in the Dictionary module until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected module to minimize the risk of exploitation.