Name of the Vulnerable Software and Affected Versions:

code-projects Online Event Judging System version 1.0

Description:

A vulnerability exists in the processing of the `/create account.php` file. Manipulation of the `fname` argument causes SQL injection, allowing for remote exploitation. The exploit has been publicly disclosed. Other parameters may also be affected.

Recommendations:

As a temporary workaround, consider restricting access to the `/create account.php` file until a fix is available.

Sanitize the `fname` parameter to prevent SQL injection.

Review and sanitize all other parameters used in the `/create account.php` file to identify and address potential vulnerabilities.