Name of the Vulnerable Software and Affected Versions:

projectworlds Online Admission System version 1.0

Description:

A critical issue exists in projectworlds Online Admission System that allows for remote SQL injection. The vulnerability is located in an unknown functionality within the `/adminac.php` file, specifically through manipulation of the `ID` argument. The exploit for this issue has been publicly disclosed.

Recommendations:

As a temporary workaround, restrict access to the `/adminac.php` file to minimize the risk of exploitation.

Sanitize the `ID` parameter before using it in any database queries.