Saemorris

**Name of the Vulnerable Software and Affected Versions** saemorris TheRadSystem (affected versions not specified) **Description** A critical issue was found in saemorris TheRadSystem, affecting the `redirect` function of the ` login.php` file. The manipulation of the `user/pass` argument leads to SQL injection. The attack can be initiated remotely. **Recommendations** To fix this issue, it is recommended to apply a patch. As a temporary workaround, consider restricting access to the `redirect` function in the ` login.php` file until a patch is available. Additionally, avoid using the `user/pass` argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.