A vulnerability, which was classified as critical, was found in code-projects Simple School Managment System 1.0. This affects an unknown part of the file School/index.php. The manipulation of the argument aname leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-25306. The attack needs to be initiated within the local network. There is no exploit available.