CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2026-3980

CVE-2026-3980 affects the itsourcecode Online Doctor Appointment System 1.0. The vulnerability is in the /admin/patient_action.php routine, where manipulating the argument patient_id enables an SQL injection. It can be exploited remotely, and public disclosure is noted; exploitation status varies...

PT-2026-24920

🚨 CVE-2026-3981 A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor action.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit h...

PT-2026-24919

🚨 CVE-2026-3980 A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patient action.php. Such manipulation of the argument patient id leads to sql injection. The attack may be launched remotely. The exploit has be...

itsourcecode Online Doctor Appointment System SQL注入漏洞

itsourcecode Online Doctor Appointment System is an open-source online doctor appointment system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from incorrect handling of the patientid parameter in the file admin/patientaction.php. This...

itsourcecode University Management System 代码注入漏洞

itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “vr” in the...

CVE-2026-3944 itsourcecode University Management System att_add.php sql injection

A vulnerability was determined in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /attadd.php. This manipulation of the argument Name causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be...

CVE-2026-3944

CVE-2026-3944 affects itsourcecode University Management System 1.0. The vulnerability is in the file /att_add.php where manipulation of the Name parameter enables SQL injection, potentially exploitable remotely. Public disclosure of the exploit is indicated across sources. Connected documents do...

EUVD-2026-10315

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manageemployeeallowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2026-3812 itsourcecode Payroll Management System manage_employee_allowances.php cross site scripting

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manageemployeeallowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2026-3812

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manageemployeeallowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2026-3812 itsourcecode Payroll Management System manage_employee_allowances.php cross site scripting

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manageemployeeallowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2026-3812

The CVE-2026-3812 entry affects itsourcecode Payroll Management System 1.0. The vulnerable component is an unknown function in /manage_employee_allowances.php where manipulation of the argument ID enables cross-site scripting. Exploitation is described as remote with a publicly disclosed exploit....

CVE-2026-3765

A vulnerability is identified in itsourcecode University Management System 1.0 affecting the file /att_single_view.php. The issue stems from manipulation of the dt argument, enabling SQL injection. Exploitation can be performed remotely, and public exploits exist. Multiple connected sources (NVD,...

CVE-2026-3760 itsourcecode University Management System view_result.php sql injection

A vulnerability was detected in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /viewresult.php. Performing a manipulation of the argument seme results in sql injection. The attack is possible to be carried out remotely. The exploit is now public...

CVE-2026-3747 itsourcecode University Management System add_result.php sql injection

A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /addresult.php. Such manipulation of the argument subject leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

CVE-2026-3740 itsourcecode University Management System admin_search_student.php sql injection

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3730

CVE-2026-3730 affects itsourcecode Free Hotel Reservation System 1.0. The flaw is a SQL injection in the file /hotel/admin/mod_amenities/index.php?view=edit, triggered by manipulating the arguments amen_id and rmtype_id. Exploitation is described as remote with a publicly released exploit. Severa...

CVE-2026-3730 itsourcecode Free Hotel Reservation System index.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...