CVE-2020-26051

Name of the Vulnerable Software and Affected Versions: College Management System Php version 1.0

Description: The issue concerns SQL injection vulnerabilities in the index.php page. These vulnerabilities arise from the POST parameters unametxt and pwdtxt, which are not filtered before being passed to a SQL query. This lack of filtering allows for potential SQL injection attacks.

Recommendations: For College Management System Php version 1.0, as a temporary workaround, consider filtering or sanitizing the unametxt and pwdtxt parameters in the index.php page to prevent SQL injection attacks. Restrict access to the index.php page until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.