Online Project Time Management System is a web-based online project time management system that provides an online platform for a companyβs employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerability exists in v1.0, which stems from a lack of validation of external input SQL statements in the id parameter of the save_employee function in /ptms/classes/Users.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.