Wudidike

**Name of the Vulnerable Software and Affected Versions** IBOS OA version 4.5.5 **Description** A critical issue has been found in the Delete Logs Handler component, specifically affecting the file `?r=diary/default/del`. This issue leads to sql injection and can be initiated remotely. The manipulation of unknown code in this component is the cause of the problem. **Recommendations** For IBOS OA version 4.5.5, consider restricting access to the `?r=diary/default/del` file until a patch is available. As a temporary workaround, avoid using the Delete Logs Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.