Shu1Lop

**Name of the Vulnerable Software and Affected Versions** 188Jianzhan version 2.1.0 **Description** The issue allows attackers to execute arbitrary code and gain escalated privileges. This is achieved via the `username` parameter to the "login.php" endpoint. **Recommendations** For 188Jianzhan version 2.1.0, consider restricting access to the "login.php" endpoint until a fix is available, and avoid using the `username` parameter in this endpoint to minimize the risk of exploitation.