Online Payroll System is a system for distributing payroll online. Online Payroll System v1.0 version has SQL injection vulnerability, the vulnerability originates from the /admin/deduction_row.php parameter id lack of validation of external input SQL statements, an attacker can use this vulnerability to execute illegal SQL commands to steal sensitive data from the database.