Unknown · Projectsandprograms School Management System · CVE-2025-11056
**Name of the Vulnerable Software and Affected Versions**
ProjectsAndPrograms School Management System version 1.0
**Description**
A SQL injection issue exists in ProjectsAndPrograms School Management System version 1.0. The issue is located in the `owner panel/fetch-data/select-students.php` file, specifically through manipulation of the `select` argument. Remote exploitation is possible. The exploit has been published.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.