Any communication made with the database is vulnerable to SQL Injection

Issue #129 new
DhelthaX created an issue

Analyzing the source code of the application, we note the possibility of breaking the database queries without any type of authentication, so it is possible to manipulate them, making them bring unexpected results by the application, or even bypass the authentication and escalate privileges.
