Zhaoyuyang

**Name of the Vulnerable Software and Affected Versions** Simple Stock System version 1.0 **Description** A SQL injection issue exists in Simple Stock System 1.0. The issue is due to the manipulation of the `uname` argument in the /logout.php file. This allows for remote execution of attacks. The exploit has been publicly released. The vulnerable endpoint is '/logout.php'. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.