Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter.