Key Information Affected Product Product Name: Curfew e-Pass Management System Version: V1.0 Vulnerability Details Vulnerability Type: SQL Injection Affected File: /admin/edit-category-detail.php Parameter: Root Cause Improper validation and filtering of user input, allowing malicious code to be directly inserted into SQL queries. Impact Attackers can exploit this vulnerability to gain database access, modify data, and potentially take full control of the system. Description An SQL injection vulnerability exists in the file. Attackers can inject malicious SQL code via the parameter. Vulnerability Details and POC Payload: Request Packet: Recommended Fixes 1. Use prepared statements with parameter binding. 2. Validate and filter user input. 3. Minimize database user privileges.