Name of the Vulnerable Software and Affected Versions:

itsourcecode Student Information Management System version 1.0

Description:

A vulnerability exists in itsourcecode Student Information Management System that allows for SQL injection. The issue affects an unknown part of the `/admin/login.php` file. Manipulation of the `uname` argument can lead to exploitation. The attack can be launched remotely, and the exploit has been publicly disclosed.

Recommendations:

As a temporary workaround, consider restricting access to the `/admin/login.php` file until a fix is available.

Sanitize the `uname` argument to prevent SQL injection attacks.