CVE-2022-28009
The CVE-2022-28009 issue concerns Attendance and Payroll System v1.0, where a SQL injection vulnerability exists in the PHP component admin/attendance_delete.php. The root cause is lack of input validation for external SQL statements, enabling attackers to execute unauthorized queries and potenti...