Zws1

**Name of the Vulnerable Software and Affected Versions** itsourcecode Sports Management System version 1.0 **Description** A flaw exists in itsourcecode Sports Management System version 1.0, specifically within an unknown function of the file `/Admin/resultdetails.php`. Manipulation of the `ID` argument can lead to SQL injection. The attack can be initiated remotely, and an exploit has been published. **Recommendations** As a temporary workaround, consider restricting access to the `/Admin/resultdetails.php` file until a fix is available. Sanitize the `ID` argument before using it in any database queries.