Name of the Vulnerable Software and Affected Versions:

Intern Membership Management System version 1.0

Description:

A critical issue exists in Intern Membership Management System 1.0. The vulnerability is due to SQL injection caused by the manipulation of the `user name`/`password` argument in the `/student login.php` file. This allows for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations:

As a temporary workaround, consider restricting access to the `/student login.php` file until a fix is available.

Sanitize the `user name` and `password` parameters before using them in SQL queries.