CVE-2017-16561

/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt