Kidjing

**Name of the Vulnerable Software and Affected Versions** Campcodes Web-Based Student Clearance System version 1.0 **Description** A critical issue has been found in the system, affecting the processing of the file /libsystem/login.php. The manipulation of the `student` argument leads to SQL injection. The attack can be initiated remotely. **Recommendations** For version 1.0, consider disabling the `login.php` file in the `/libsystem` directory until a patch is available. Restrict access to the `login.php` file to minimize the risk of exploitation. Avoid using the `student` argument in the affected API endpoint until the issue is resolved.