Kpxct

**Name of the Vulnerable Software and Affected Versions** Campcodes School File Management version 1.0 **Description** A security flaw exists in Campcodes School File Management 1.0. The issue is related to SQL injection, which can be triggered by manipulating the `user id` argument in the /admin/update user.php file. This allows for remote exploitation. The exploit has been publicly released. **Recommendations** Apply any available updates to address the issue. As a temporary workaround, restrict access to the /admin/update user.php file. Avoid using the `user id` parameter in the /admin/update user.php endpoint until the issue is resolved.