141 matches found
CVE-2026-3410
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...
CVE-2026-3410
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...
CVE-2026-3410
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...
CVE-2026-3410 itsourcecode Society Management System check_studid.php sql injection
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...
CVE-2026-3410 itsourcecode Society Management System check_studid.php sql injection
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...
CVE-2026-3410
CVE-2026-3410 affects itsourcecode Society Management System 1.0. The vulnerability resides in an unknown functionality of /admin/check_studid.php, where manipulating the student_id parameter enables SQL injection. Exploitation is described as possible remotely and publicly available, with high-s...
itsourcecode Society Management System SQL注入漏洞
itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter studentid in the file...
PT-2026-22541
Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A weakness exists in an unknown functionality of the file /admin/check studid.php. Manipulation of the student id argument can lead to SQL injection. The attack can be launched...
CVE-2026-26464
Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...
CVE-2026-26464
Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...
PT-2026-21535
Name of the Vulnerable Software and Affected Versions Society Management System Portal version 1.0 Description A stored Cross-Site Scripting XSS issue exists in the /admin/edit user.php page. This allows remote attackers to inject and store arbitrary JavaScript code, which is then executed in...
CVE-2026-26464
Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...
CVE-2026-26464
Stored XSS in Society Management System Portal V1.0: the /admin/edit_user.php page accepts a name parameter via POST, which can store and execute arbitrary JavaScript when viewed by users (including admins). The provided documents describe the vulnerability and its vector but do not specify affec...
CVE-2026-2115
A flaw has been found in itsourcecode Society Management System 1.0. This issue affects some unknown processing of the file /admin/deleteexpenses.php. This manipulation of the argument expensesid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published...
CVE-2026-2114
A vulnerability was detected in itsourcecode Society Management System 1.0. This vulnerability affects unknown code of the file /admin/editadmin.php. The manipulation of the argument adminid results in sql injection. The attack may be performed from remote. The exploit is now public and may be us...
CVE-2026-2116
A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/editexpenses.php. Such manipulation of the argument expensesid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2026-2117
A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/editactivity.php. Performing a manipulation of the argument activityid results in sql injection. The attack can be initiated remotely. The exploit has been made...
itsourcecode Society Management System SQL注入漏洞
itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the expensesid parameter in the file...
CVE-2026-2117
CVE-2026-2117 affects itsourcecode Society Management System 1.0. The vulnerability is in the file /admin/edit_activity.php where manipulating the activity_id parameter results in a remote SQL injection. Exploit appears to be publicly available. Remediation guidance in connected sources suggests ...
CVE-2026-2117
A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/editactivity.php. Performing a manipulation of the argument activityid results in sql injection. The attack can be initiated remotely. The exploit has been made...