A vulnerability, which was classified as critical, was found in SourceCodester Visitor Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244308.

Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php.