Zdwf-Klm

**Name of the Vulnerable Software and Affected Versions** 1000 Projects Portfolio Management System MCA version 1.0 **Description** A critical issue has been found in the /register.php file, affecting an unknown functionality. The manipulation of the argument name leads to SQL injection. This can be exploited remotely. Other parameters might also be affected. **Recommendations** For version 1.0, patch immediately and validate input to prevent SQL injection. As a temporary workaround, consider restricting access to the /register.php file until a patch is available. Avoid using potentially vulnerable parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.