Wyx_02

**Name of the Vulnerable Software and Affected Versions** Campcodes Online Learning Management System version 1.0 **Description** A SQL injection issue exists in Campcodes Online Learning Management System version 1.0. The issue is located in the `/teacher signup.php` file, within an unknown function. Manipulation of the `firstname` argument can trigger the SQL injection. The attack can be initiated remotely, and the exploit has been made public. Other parameters might also be affected. **Recommendations** As a temporary workaround, consider restricting or disabling the use of the `/teacher signup.php` file until a fix is available. Sanitize the `firstname` parameter before using it in any database queries.

**Name of the Vulnerable Software and Affected Versions** SourceCodester/Campcodes School Log Management System version 1.0 **Description** A SQL injection issue exists in an unknown functionality of the file `/admin/admin class.php`. Manipulation of the `id no` argument can lead to SQL injection and can be launched remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/admin/admin class.php` file to minimize the risk of exploitation. Sanitize the `id no` argument to prevent SQL injection attacks.