Chenwei

**Name of the Vulnerable Software and Affected Versions** itsourcecode sanitize or validate this input version 1.0 **Description** A flaw exists in the processing of the `/admin/subjects.php` file within the Parameter Handler component. Manipulation of the `subject code` argument can lead to SQL injection. This issue is remotely exploitable, and details about the exploit have been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.