1. Vulnerability Overview:

2. Description:

An sqlinjection has been discovered within version 1.0.1 of https://github.com/lahirudanushka/School-Management-System---PHP-MySQL in teacher.php?update= This issue arises due the lack of input sanitization.

Root Cause

An sql injection was found in the "teacher.php" file of the "School-Management-System---PHP-MySQL" project. The cause of this issue is that the attacker injects malicious code from the parameter "update". This allows the attacker to construct input values, thereby causing an sqlinjection.

Untitled

3. Steps to reproduce: