Fybox

**Name of the Vulnerable Software and Affected Versions** raisulislamg4 student management system by php versions up to 310d950e09013d5133c6b9210aff9444382d16d1 **Description** An issue exists in the User Creation Handler component within the file 'add user check.php'. The manipulation of the `role` argument allows for remote SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the file 'add user check.php' or avoid using the `role` parameter in that file to minimize the risk of exploitation.