CVE-2025-14578

CVE-2025-14578 affects itsourcecode Student Management System 1.0. The vulnerability is a SQL injection in an unknown function of the file /update_account.php caused by manipulation of the ID parameter, exploitable remotely without authentication (attack vector: NETWORK). Multiple connected sourc...

PT-2025-50976

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0. The issue involves the manipulation of the ID argument within an unknown function of the /update account.php file,...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /updateaccount.php, which...

CVE-2025-14337

A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /newgrade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-14334

A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newadviser.php. Executing manipulation of the argument Name can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-14335

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newschoolyear.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-14336

A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...

Student Management System /newcurriculm.php File SQL Injection Vulnerability

Student Management System is a student management system. Student Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /newcurriculm.php. An attacker can exploit this vulnerabili...

EUVD-2025-202311

A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /newgrade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized...

EUVD-2025-202305

A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...

EUVD-2025-202317

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newschoolyear.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-14337

A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /newgrade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-14337 itsourcecode Student Management System new_grade.php sql injection

A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /newgrade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-14337 itsourcecode Student Management System new_grade.php sql injection

A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /newgrade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-14336

A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...

CVE-2025-14336

A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...

CVE-2025-14335

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newschoolyear.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-14335

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newschoolyear.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-14334

A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newadviser.php. Executing manipulation of the argument Name can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-14336 itsourcecode Student Management System promote.php sql injection

A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...