Name of the Vulnerable Software and Affected Versions:

SourceCodester Water Billing System version 1.0

Description:

A SQL injection weakness exists in the `/paybill.php` file due to manipulation of the `ID` argument. Remote exploitation is possible. The exploit has been made publicly available.

Recommendations:

As a temporary workaround, consider restricting access to the `/paybill.php` file until a fix is available.

Sanitize the `ID` argument before using it in any database queries.