An sqlinjection has been discovered within version 1.0.1 of https://github.com/lahirudanushka/School-Management-System---PHP-MySQL in examresults-par.php?sid=. This issue arises due the lack of input sanitization.
Root Cause
An sql injection was found in the "examresults-par.php" file of the "School-Management-System---PHP-MySQL" project. The cause of this issue is that the attacker injects malicious code from the parameter "sid". This allows the attacker to construct input values, thereby causing an sqlinjection.