CVE-2025-14256

Summary: CVE-2025-14256 affects itsourcecode Stock Management System 1.0 (Student Management System) via SQL injection in the file /newcurriculm.php, triggered by manipulating the ID parameter. The issue arises from lack of validation of externally entered SQL statements, enabling remote executio...

CVE-2025-14256 itsourcecode Student Management System newcurriculm.php sql injection

A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used...

CVE-2025-14256 itsourcecode Student Management System newcurriculm.php sql injection

A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226 itsourcecode Student Management System edit_user.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226

CVE-2025-14226 affects itsourcecode Student Management System 1.0 with a SQL injection in /edit_user.php via the fname parameter. Exploitation can be remote; public PoC exists. Public reports (CNVD/Red Hat/NVD) confirm the flaw. Remediation guidance suggests sanitizing/validating the fname parame...

CVE-2025-14226 itsourcecode Student Management System edit_user.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14214

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-14214

CVE-2025-14214 affects itsourcecode Student Information System 1.0. The vulnerability is a SQL injection in the file /section_edit1.php caused by manipulation of the ID parameter. Remote exploitation is possible and exploits have been publicly disclosed. Multiple connected sources confirm the iss...

itsourcecode Student Information System SQL注入漏洞

itsourcecode Student Information System is an open source student information system by itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Information System, which stems from incorrect manipulation of the parameter ID in the file /sectionedit1.php, which...

itsourcecode Student Management System SQL注入漏洞

Student Management System is a student management system. Student Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /newcurriculm.php. An attacker can exploit this vulnerabili...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from an incorrect manipulation of the parameter sub in the file /newsubject.php, which...

PT-2025-49504

Name of the Vulnerable Software and Affected Versions itsourcecode Student Information System version 1.0 Description A SQL injection issue exists in itsourcecode Student Information System 1.0. The issue is located in an unknown part of the file '/section edit1.php'. Manipulation of the ID...

itsourcecode Student Management System SQL注入漏洞

Student Management System is a student management system. Student Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /edituser.php. The vulnerability can be exploited to...

itsourcecode Student Management System 安全漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from an incorrect manipulation of the parameter ID in the file /newrecord.php, which could le...

CVE-2025-13581

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...

CVE-2025-13585

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-13581

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...