CVE-2018-25201
The CVE-2018-25201 entry concerns the School Management System CMS 1.0. The connected sources confirm an SQL injection vulnerability in the admin login, exploitable via the username parameter on the processlogin endpoint to bypass authentication and log in as an administrator without valid creden...