itsourcecode Student Information Management System SQL注入漏洞

itsourcecode Student Information Management System is an open source student information management system from itsourcecode. A SQL injection vulnerability exists in itsourcecode Student Information Management System version 1.0, which is caused by incorrect manipulation of a parameter ID that...

CVE-2025-10063

The CVE concerns itsourcecode POS Point of Sale System 1.0 with a Cross-Site Scripting (XSS) vulnerability in the file /inventory/main/vendors/datatables/unit_testing/templates/deferred_table.php. The root cause is lack of proper filtering/escaping of input in the scripts parameter, enabling an a...

CVE-2025-9838

CVE-2025-9838 affects itsourcecode Student Information Management System 1.0. The vulnerability is an SQL injection in the unknown function of the file /admin/modules/subject/index.php caused by manipulation of the ID parameter. The issue can be exploited remotely and there are public exploit mat...

CVE-2025-9837 itsourcecode Student Information Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9792 itsourcecode Apartment Management System e_all_info.php sql injection

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /edashboard/eallinfo.php. Such manipulation of the argument mid leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-9764 itsourcecode Sports Management System resultdetails.php sql injection

A flaw has been found in itsourcecode Sports Management System 1.0. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

PT-2025-35468

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System version 1.0 Description: A vulnerability exists in itsourcecode Sports Management System 1.0. The manipulation of the code argument in the file /Admin/mode.php can lead to SQL injection. The attack can be...

CVE-2025-9679 itsourcecode Student Information System course_edit1.php sql injection

A security vulnerability has been detected in itsourcecode Student Information System 1.0. This affects an unknown function of the file /courseedit1.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-9679

CVE-2025-9679 affects itsourcecode Student Information System 1.0. The SQL injection vulnerability originates from manipulating the ID parameter in /course_edit1.php, enabling remote exploitation. Multiple connected feeds describe a publicly disclosed exploit with potential impact on confidential...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter txtMonthName in the file /setting/monthsetup.php. An attacker c...

CVE-2025-9596 itsourcecode Sports Management System login.php sql injection

A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter usid in the file /report/unitstatusinfo.php. An attacker can exploit...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for parameter ID in file /management/addmcommittee.php. An attacker can exploit th...

CVE-2025-9426 itsourcecode Online Tour and Travel Management System package.php sql injection

A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been...

CVE-2025-9425 itsourcecode Online Tour and Travel Management System enquiry.php sql injection

A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be carried out remotely...

CVE-2025-9425

The CVE-2025-9425 entry concerns itsourcecode Online Tour and Travel Management System v1.0. The vulnerability is described as a SQL injection in the /enquiry.php file caused by manipulating the pid parameter, with remote exploitation reportedly possible and the exploit publicly released. Multipl...

itsourcecode Online Tour and Travel Management System 安全漏洞

itsourcecode Online Tour and Travel Management System is an open source online tour and travel management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by a SQL injection due to misuse of the...

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system. An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which originates from a SQL injection due to incorrect...

CVE-2025-9009

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...

CVE-2025-8993

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...