Course Registration Management System is prone to multiple input- validation vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities 2. An SQL-injection vulnerability 3. A local file-include vulnerability Exploiting these issues could allow an attacker to execute arbitrary script code and PHP code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Course Registration Management System 2.1 is vulnerable other versions may also be affected.