CVE-2026-3980

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2026-4235

A weakness has been identified in itsourcecode Online Enrollment System 1.0. This issue affects some unknown processing of the file /sms/login.php. This manipulation of the argument useremail causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-4877 itsourcecode Payroll Management System index.php cross site scripting

A security flaw has been discovered in itsourcecode Payroll Management System up to 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-4877

Summary: CVE-2026-4877 affects itsourcecode Payroll Management System up to version 1.0. A flaw in the file /index.php allows manipulation of the parameter page to trigger a cross-site scripting (XSS) vulnerability. Exploitation can be performed remotely, and public exploits exist. According to t...

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

CVE-2026-4876

CVE-2026-4876 affects the itsourcecode Free Hotel Reservation System 1.0. The vulnerability is in the unknown function of the file /admin/mod_amenities/index.php?view=editpic, where manipulation of the argument ID enables an SQL injection. The attack can be performed remotely, and a public exploi...

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842 itsourcecode Online Enrollment System Parameter index.php sql injection

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842 itsourcecode Online Enrollment System Parameter index.php sql injection

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842

The CVE-2026-4842 entry concerns the itsourcecode Online Enrollment System 1.0. It targets the parameter handling code in /sms/grades/index.php?view=edit&id=1, where manipulating deptid enables an SQL injection. The vulnerability is exploitable remotely and publicly disclosed. Affected component:...

PT-2026-28657

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A manipulation of the image argument in the file '/admin/mod amenities/index.php?view=add' causes unrestricted upload. The attack can be carried out remotely. The exploit has...

itsourcecode Payroll Management System 代码注入漏洞

itsourcecode Payroll Management System is an open-source payroll management system developed by itsourcecode. Versions of itsourcecode Payroll Management System 1.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in the...

PT-2026-28658

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A flaw exists in itsourcecode Free Hotel Reservation System 1.0. Manipulation of the ID argument in a file, /admin/mod amenities/index.php?view=editpic, can lead to SQL...

CVE-2026-4783 itsourcecode College Management System Parameter add-single-student-results.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

CVE-2026-4783

The CVE concerns itsourcecode College Management System 1.0. The vulnerability is in the Parameter Handler of the /admin/add-single-student-results.php file, where manipulating the course_code argument causes SQL injection. It can be exploited remotely and the exploit has been disclosed publicly....

itsourcecode College Management System SQL注入漏洞

itsourcecode College Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode College Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter coursecode in the file...

CVE-2026-4632

A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/user/index.php?view=add of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack may be performed fr...