PT-2021-22932 · Paypal · Paypal

Published 2021-12-07 · Updated 2021-12-16 · CVE-2021-40578

CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Online Enrollment Management System in PHP and PayPal Free Source Code version 1.0

Description

The issue allows attackers to obtain sensitive information and execute arbitrary SQL commands via the IDNO parameter. This is an Authenticated Blind & Error-based SQL injection vulnerability.

Recommendations

For Online Enrollment Management System in PHP and PayPal Free Source Code version 1.0, consider restricting access to the IDNO parameter to minimize the risk of exploitation. Avoid using the IDNO parameter in sensitive transactions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2021-40578

Affected Products

Paypal