EduSec version 4.2.5 suffers from multiple remote SQL injection vulnerabilities.