Unknown · Persian Vip Download Script · CVE-2020-15468
**Name of the Vulnerable Software and Affected Versions**
Persian VIP Download Script version 1.0
**Description**
The issue allows SQL Injection via the `active` parameter in the "cart edit.php" endpoint.
**Recommendations**
For version 1.0, avoid using the `active` parameter in the "cart edit.php" endpoint until the issue is resolved.