Anchitsahni

**Name of the Vulnerable Software and Affected Versions** Uniclare Student Portal version 2 **Description** A SQL injection flaw exists in Uniclare Student Portal version 2. This allows remote attackers to inject arbitrary SQL commands through vulnerable input fields. Exploitation can involve executing time-delay functions to infer database responses. The vulnerability enables the execution of arbitrary SQL commands via vulnerable input fields. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.