Soyket Chowdhury · Soyket Chowdhury Vehicle Sales Management System · CVE-2017-1000474
**Name of the Vulnerable Software and Affected Versions**
Soyket Chowdhury Vehicle Sales Management System version 2017-07-30
**Description**
Multiple scripts, including `login/vehicle.php`, `login/profile.php`, `login/Actions.php`, `login/manage employee.php`, and `login/sell.php`, are vulnerable to SQL injection and stored XSS. Exploitation can expose user login credentials and potentially enable remote code execution.
**Recommendations**
For Soyket Chowdhury Vehicle Sales Management System version 2017-07-30, consider disabling the affected scripts until a patch is available. Restrict access to the `login` directory to minimize the risk of exploitation. Avoid submitting sensitive user input to the affected scripts until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.