Zhi Li

**Name of the Vulnerable Software and Affected Versions** itsourcecode sanitize or validate this input version 1.0 **Description** A flaw exists that allows for potential SQL injection. This occurs due to insufficient sanitization or validation of input. The issue is located in the file '/admin/teacher-attendance.php' and involves manipulation of the `teacher id` argument. The attack can be launched remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.