PT-2026-7023

Name of the Vulnerable Software and Affected Versions itsourcecode School Management System version 1.0 Description A security flaw exists in itsourcecode School Management System 1.0. The issue involves SQL injection stemming from the manipulation of the ID argument within an unknown function of...

PT-2026-6992

Name of the Vulnerable Software and Affected Versions itsourcecode Directory Management System version 1.0 Description A flaw exists in itsourcecode Directory Management System that allows for remote code execution. The issue is located within the /admin/forget-password.php file. Specifically,...

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the expensesid parameter in the file...

CVE-2026-2117

CVE-2026-2117 affects itsourcecode Society Management System 1.0. The vulnerability is in the file /admin/edit_activity.php where manipulating the activity_id parameter results in a remote SQL injection. Exploit appears to be publicly available. Remediation guidance in connected sources suggests ...

CVE-2026-2116 itsourcecode Society Management System edit_expenses.php sql injection

A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/editexpenses.php. Such manipulation of the argument expensesid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2026-2116

CVE-2026-2116 affects itsourcecode Society Management System 1.0. An SQL injection vulnerability exists in the admin/edit_expenses.php file triggered by manipulating the expenses_id argument, with remote access possible. Multiple sources confirm the flaw and public exploitation has been disclosed...

CVE-2026-2115

CVE-2026-2115 affects itsourcecode Society Management System 1.0. The flaw is in processing of /admin/delete_expenses.php where manipulation of the expenses_id parameter leads to SQL injection. It is remotely exploitable and exploits have been published across multiple feeds (NVD/Red Hat/CVE list...

CVE-2026-2115 itsourcecode Society Management System delete_expenses.php sql injection

A flaw has been found in itsourcecode Society Management System 1.0. This issue affects some unknown processing of the file /admin/deleteexpenses.php. This manipulation of the argument expensesid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published...

CVE-2026-2114 itsourcecode Society Management System edit_admin.php sql injection

A vulnerability was detected in itsourcecode Society Management System 1.0. This vulnerability affects unknown code of the file /admin/editadmin.php. The manipulation of the argument adminid results in sql injection. The attack may be performed from remote. The exploit is now public and may be us...

CVE-2026-2014

A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

PT-2026-6874

Name of the Vulnerable Software and Affected Versions itsourcecode School Management System version 1.0 Description A flaw exists in itsourcecode School Management System 1.0 that allows for SQL injection. This occurs through manipulation of the ID argument within the file...

PT-2026-6937

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in itsourcecode Society Management System version 1.0 that allows for remote SQL injection. The issue is located in the /admin/edit activity.php file, specifically...

PT-2026-6936

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in itsourcecode Society Management System 1.0 that allows for remote SQL injection. The issue is located in the /admin/edit expenses.php file, specifically through...

PT-2026-6935

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in the processing of the /admin/delete expenses.php file within itsourcecode Society Management System. Manipulation of the expenses id argument can lead to SQL...

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the expensesid parameter in the file...

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the adminid parameter in the...

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2026-2018

The CVE affects itsourcecode School Management System 1.0. The weakness is in /ramonsys/settings/controller.php where manipulation of the ID argument triggers SQL injection, with remote exploitation possible and an exploit published. Multiple sources corroborate: Red Hat and CVE records describe ...

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2026-2013

A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used...