Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5 ". Exploiting this issue could allow an attacker to ...