Key Information

- Vulnerability Title: SQL Injection Vulnerability in Advanced School Management System with Complete Features ≤ 1.0
- Affected Versions: 1.0
- Vendor: donzibmay
- Software: Advanced School Management System with Complete Features
- Vulnerable Files:
  - /index.php?r=ajax/aim_select
  - /index.php?r=ajax/vendorDetails

Description

The application contains unauthenticated SQL injection vulnerabilities in multiple endpoints. Authenticated users can exploit these vulnerabilities to manipulate SQL queries, potentially leading to unauthorized data extraction, modification, or other malicious operations.

SQL Injection Examples

1. aim_select Endpoint
   - The GET parameter is not properly sanitized when processing the route.
   - Example SQL Injection Payloads:
     - Error-based:
     - Time-based blind:

2. vendorDetails Endpoint
   - The GET parameter is not properly sanitized when processing the route.
   - Example SQL Injection Payloads:
     - Error-based:
     - Time-based blind:

Proof of Concept

1. Log in to the application using valid credentials.
2. Access and observe the server response time.
3. Access and observe the application response time.

Remediation Recommendations

1. Use prepared statements and parameterized queries.
2. Implement strict input validation.
3. Apply the principle of least privilege.
4. Deploy a Web Application Firewall (WAF).
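
Remediation recommendations 1 and 2 applied to a lookup handler of the kind the affected endpoints expose, shown beside the concatenation pattern they replace. This is an added example, not the application's own code: the table `aims`, the parameter name `id`, the function names and the in-memory SQLite database are assumptions made so that it runs offline.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database so the example runs offline.
// The table "aims" and its rows are hypothetical, not taken from the application.
function demoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE aims (id INTEGER PRIMARY KEY, title TEXT)');
    $pdo->exec("INSERT INTO aims (id, title) VALUES (1, 'Numeracy'), (2, 'Literacy')");
    return $pdo;
}

// Pattern to remove: request input concatenated into the SQL text,
// so the input is parsed as part of the query.
function aimSelectUnsafe(PDO $pdo, string $id): array
{
    return $pdo->query("SELECT id, title FROM aims WHERE id = $id")->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: strict validation first (recommendation 2), then a bound
// parameter so the value is never parsed as SQL (recommendation 1).
function aimSelectSafe(PDO $pdo, string $id): array
{
    if (!ctype_digit($id) || strlen($id) > 9) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $pdo->prepare('SELECT id, title FROM aims WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = demoDb();
$tampered = '1 OR 1=1'; // constructed input that alters the query's WHERE clause

// In a web handler the string would come from the GET parameter instead.
echo count(aimSelectUnsafe($pdo, $tampered)), " row(s) from the concatenated query\n";
echo count(aimSelectSafe($pdo, '1')), " row(s) from the parameterized query\n";
try {
    aimSelectSafe($pdo, $tampered);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

Binding alone already prevents the input from being parsed as SQL; the validation step additionally turns malformed requests into an explicit rejection that can be logged and alerted on.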