Qihao

**Name of the Vulnerable Software and Affected Versions** kidaze CourseSelectionSystem versions prior to 42cd892b40a18d50bd4ed1905fa89f939173a464 **Description** A vulnerability exists in kidaze CourseSelectionSystem. The manipulation of the argument `csem` in an unknown function of the file `/Profilers/PProfile/COUNT3s3.php` leads to SQL injection. Remote exploitation is possible. **Recommendations** As a temporary workaround, consider restricting access to the file `/Profilers/PProfile/COUNT3s3.php` until a fix is available. Avoid using the parameter `csem` in the affected file until the issue is resolved.