Huangtinlin

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Admission System version 1.0 **Description** A critical vulnerability exists in projectworlds Online Admission System version 1.0 due to a SQL injection issue. The vulnerability is located in an unknown functionality of the `/viewform.php` file. Manipulation of the `ID` parameter allows for remote exploitation. The exploit for this issue has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/viewform.php` file until a fix is available. Sanitize the `ID` parameter to prevent SQL injection attacks.