Kerjo

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Sports Management System 1.0. The vulnerability is located in the `/Admin/match.php` file, specifically through the manipulation of the `code` argument. This allows for remote exploitation. The exploit details have been publicly disclosed. Recommendations: As a temporary workaround, restrict access to the `/Admin/match.php` file. Sanitize the `code` parameter before using it in SQL queries. At the moment, there is no information about a newer version that contains a fix for this vulnerability.