Xiaosun

**Name of the Vulnerable Software and Affected Versions** SourceCodester Simple and Nice Shopping Cart Script version 1.0 **Description** A SQL injection issue exists in SourceCodester Simple and Nice Shopping Cart Script 1.0. The issue is located in an unknown function within the `/signup.php` file. Manipulating the `Username` argument can trigger the SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed. **Recommendations** Apply any available updates or patches for version 1.0. As a temporary workaround, sanitize the `Username` input to prevent SQL injection. Restrict access to the `/signup.php` file if possible.