A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete student.php. Executing manipulation of the argument stud id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.