CVE-2026-3068

CVE-2026-3068 affects itsourcecode Document Management System 1.0. The vulnerability resides in /deluser.php, where manipulating the user2del parameter allows remote SQL injection. Multiple connected sources confirm the flaw, its remote exploitability, and public availability of the exploit. PT-2...

CVE-2026-2116

A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/editexpenses.php. Such manipulation of the argument expensesid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2026-2116 itsourcecode Society Management System edit_expenses.php sql injection

A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/editexpenses.php. Such manipulation of the argument expensesid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2026-2116

CVE-2026-2116 affects itsourcecode Society Management System 1.0. An SQL injection vulnerability exists in the admin/edit_expenses.php file triggered by manipulating the expenses_id argument, with remote access possible. Multiple sources confirm the flaw and public exploitation has been disclosed...

CVE-2026-2115

CVE-2026-2115 affects itsourcecode Society Management System 1.0. The flaw is in processing of /admin/delete_expenses.php where manipulation of the expenses_id parameter leads to SQL injection. It is remotely exploitable and exploits have been published across multiple feeds (NVD/Red Hat/CVE list...

PT-2026-6936

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in itsourcecode Society Management System 1.0 that allows for remote SQL injection. The issue is located in the /admin/edit expenses.php file, specifically through...

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the adminid parameter in the...

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2026-2014 itsourcecode Student Management System index.php sql injection

A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

PT-2026-6705

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0. The issue involves the manipulation of the ID argument within an unknown function of the...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open-source student management system developed by itsourcecode. Version 1.0 of the itsourcecode Student Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file...

CVE-2026-1593

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editexpensesquery.php. Executing a manipulation of the argument detail can lead to sql injection. The attack may be launched remotely. The...

EUVD-2026-4952

A vulnerability was detected in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editstudentquery.php. The manipulation of the argument studentid results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-1595 itsourcecode Society Management System edit_student_query.php sql injection

A vulnerability was detected in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editstudentquery.php. The manipulation of the argument studentid results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-1593

CVE-2026-1593 affects itsourcecode Society Management System 1.0. An unauthenticated attacker can exploit a SQL injection via the detail argument in /admin/edit_expenses_query.php. The vulnerability is remote and an exploit has been published publicly; remediation details are not provided in the ...

ITSsourcecode School Management System SQL Injection Vulnerability

itsourcecode School Management System is an open-source school management system developed by itsourcecode. Version 1.0 of itsourcecode School Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameter IDs in the file...

CVE-2026-1545

Summary: CVE-2026-1545 affects itsourcecode School Management System 1.0. The vulnerability is a SQL injection in the file /course/index.php, triggered by manipulating the ID parameter. The underlying issue is an unknown function handling ID, enabling remote exploitation. Public exploits are note...

CVE-2026-1159

CVE-2026-1159 affects itsourcecode Online Frozen Foods Ordering System 1.0. The issue arises from processing of the file /order_online.php, where manipulating the argument product_name can lead to an SQL injection. The vulnerability can be exploited remotely, and public proofs-of-concept exist ac...

CVE-2026-1119 itsourcecode Society Management System delete_activity.php sql injection

A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/deleteactivity.php. Executing a manipulation of the argument activityid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-1118

A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...