Title: campcodes Online Learning Management System V1.0 SQL injection Description: - During the security review of "Online Learning Management System", a critical SQL injection vulnerability was discovered in the "/admin/department.php" file. - The vulnerability stems from insufficient user input validation of the 'd' parameter, allowing attackers to inject malicious SQL queries. - Attackers can gain unauthorized access to databases, modify or delete data, and access sensitive information. - Immediate remedial measures are needed to ensure system security and protect data integrity. Source: https://github.com/luyisi-7/CVE/issues/2 User: zc0510 (UID 90255) Submission Date: 09/15/2025 12:03 PM (8 days ago) Moderation Date: 09/21/2025 12:09 PM (6 days later) Status: Accepted VulDB Entry: 235107 [Campcodes Online Learning Management System 1.0 /admin/department.php d sql injection] Points: 20