Judging Management System is a judging management system. Judging Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the id parameter of /php-jms/deductScores.php. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.