Prithivik S L

**Name of the Vulnerable Software and Affected Versions** CodeAstro Complaint Management System version 1.0 **Description** The issue allows a remote attacker to execute arbitrary code and escalate privileges via the `id` parameter of the "delete.php" component. This is a result of a SQL injection vulnerability in the CodeAstro Complaint Management System. **Recommendations** For CodeAstro Complaint Management System version 1.0, consider disabling the `delete.php` component or restricting access to it until a patch is available. Avoid using the `id` parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.