Name of the Vulnerable Software and Affected Versions:

code-projects Human Resource Integrated System version 1.0

Description:

A SQL injection issue exists due to unknown processing of the file `/login.php`. Manipulation of the `user/pass` argument can lead to SQL injection, allowing for remote exploitation. The exploit is publicly available.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.