Faculty Evaluation System is a faculty evaluation system. Faculty Evaluation System v1.0 suffers from a SQL injection vulnerability, which originates from a SQL injection in /eval/admin/view_faculty.php?id. An attacker can exploit this vulnerability by inserting SQL commands into the query string of a web form submission or input domain name or page request to eventually trick the server into executing malicious SQL commands.