An sqlinjection has been discovered within version 1.0.1 of https://github.com/lahirudanushka/School-Management-System---PHP-MySQL in subject.php?update=. This issue arises due the lack of input sanitization.
Root Cause
An sql injection was found in the "subject.php" file of the "School-Management-System---PHP-MySQL" project. The cause of this issue is that the attacker injects malicious code from the parameter "update". This allows the attacker to construct input values, thereby causing an sqlinjection.