A SQL injection vulnerability exists in the raisulislamg4/student_management_system_by_php project, specifically within the delete.php file. Multiple identifier parameters—user_id, course_id, teacher_id, student_id, and application_id—are susceptible to manipulation, enabling remote attackers to inject arbitrary SQL commands. The project follows a rolling release model without discrete version numbers, co [truncated]
A SQL injection vulnerability exists in the student_management_system_by_php repository by raisulislamg4, affecting the login_check.php file's Username parameter. The vulnerability allows remote, unauthenticated attackers to manipulate SQL queries through crafted input. The project uses a rolling release model without discrete version numbers, complicating patch identification. The maintainer was notified [truncated]
