CVE-2024-25310

Name of the Vulnerable Software and Affected Versions Code-projects Simple School Managment System version 1.0

Description The issue allows SQL Injection via the id parameter at the "School/delete.php?id=5" endpoint. This means an attacker could potentially inject malicious SQL code by manipulating the id variable in the request to the specified endpoint.

Recommendations For Code-projects Simple School Managment System version 1.0, as a temporary workaround, consider restricting access to the "School/delete.php" endpoint until a patch is available. Avoid using the id parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.