SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php.