Weke

**Name of the Vulnerable Software and Affected Versions** Goldlink version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `vadmin login` or `vadmin pass` cookie in a request to "goldlink.php". **Recommendations** For Goldlink version 3.0, consider restricting access to the "goldlink.php" endpoint until a patch is available. As a temporary workaround, avoid using the `vadmin login` and `vadmin pass` cookies in requests to "goldlink.php" to minimize the risk of exploitation.