Yangzr

**Name of the Vulnerable Software and Affected Versions** itsourcecode Student Management System version 1.0 **Description** A SQL injection issue exists in itsourcecode Student Management System 1.0. The issue is located in the file `/uprec.php`. Manipulation of the `ID` argument can lead to SQL injection. The exploit is publicly available and may be used to initiate attacks remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.