Nicole_Mo

**Name of the Vulnerable Software and Affected Versions** tittuvarghese CollegeManagementSystem (affected versions not specified) **Description** A remote SQL injection can be triggered by manipulating the `department code` argument within an unknown function of the file 'dashboard page/forms/fetch.php'. SQL injection is a type of vulnerability that allows an attacker to interfere with the queries that an application makes to its database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the file 'dashboard page/forms/fetch.php' or avoid using the `department code` parameter until the issue is resolved.