Horime

**Name of the Vulnerable Software and Affected Versions** SourceCodester Advanced School Management System version 1.0 **Description** A SQL injection issue exists in SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function within the `/index.php/stock/item select` file. Manipulation of the `q` argument can lead to SQL injection, allowing for remote exploitation. The exploit is publicly available. **Recommendations** As a temporary workaround, consider restricting access to the `/index.php/stock/item select` file until a patch is available. Sanitize the `q` argument to prevent SQL injection attacks.