Yunhdeng

Name of the Vulnerable Software and Affected Versions: 1000projects Online Project Report Submission and Evaluation System version 1.0 Description: A SQL injection issue exists due to the manipulation of the `batch id` argument in the processing of the `/admin/controller/delete group student.php` file. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.