Online Fire Reporting System is an online fire reporting system from Carlo Monteroβs personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=requests/ view_request&id=Lack of validation of external input SQL statements, an attacker can use the vulnerability to execute illegal SQL commands to steal sensitive data from the database.