Claudefans

**Name of the Vulnerable Software and Affected Versions** CodeAstro Student Attendance Management System version 1.0 **Description** An issue exists in the file '/attendance-php/Admin/createStudents.php' where manipulating the `admissionNumber` argument allows for SQL injection, which is a technique used to execute malicious SQL statements that control a database server. This allows for remote exploitation of the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.