Sunspanter

**Name of the Vulnerable Software and Affected Versions** itsourcecode Student Management System version 1.0 **Description** A flaw exists in itsourcecode Student Management System 1.0, specifically within the file `/newsubject.php`. The `sub` argument is susceptible to SQL injection, allowing for remote exploitation. The details of the exploit have been publicly disclosed. **Recommendations** Apply any available updates or patches for itsourcecode Student Management System version 1.0. As a temporary workaround, restrict access to the `/newsubject.php` file. Sanitize the `sub` parameter to prevent SQL injection attacks.