Qby04

**Name of the Vulnerable Software and Affected Versions** itsourcecode Society Management System version 1.0 **Description** A weakness exists in an unknown functionality of the file `/admin/check studid.php`. Manipulation of the `student id` argument can lead to SQL injection. The attack can be launched remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.