Name of the Vulnerable Software and Affected Versions:

SourceCodester Advanced School Management System version 1.0

Description:

A SQL injection issue exists in SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function within the `/index.php/stock/item select` file. Manipulation of the `q` argument can lead to SQL injection, allowing for remote exploitation. The exploit is publicly available.

Recommendations:

As a temporary workaround, consider restricting access to the `/index.php/stock/item select` file until a patch is available.

Sanitize the `q` argument to prevent SQL injection attacks.