SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat_update.php.
https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-1.md