Name of the Vulnerable Software and Affected Versions:

SourceCodester Simple Cafe Billing System version 1.0

Description:

A SQL injection issue exists in SourceCodester Simple Cafe Billing System 1.0. The vulnerability is located in the `/sales report.php` file, affecting an unknown function. Manipulation of the `month` argument can lead to SQL injection. The exploit is publicly available and may be used to initiate attacks remotely.

Recommendations:

As a temporary workaround, consider restricting access to the `/sales report.php` file until a fix is available.