An issue was discovered in LATRIX 0.6.0. SQL injection in the txtaccesscode parameter of inandout.php leads to information disclosure and code execution.
https://sourceforge.net/projects/latrix/
https://github.com/cptsticky/A-0day-Per-Day-Keeps-The-Cope-Away/blob/main/CVE-2021-30000