CVE-2026-3730 itsourcecode Free Hotel Reservation System index.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/modamenities/index.php?view=edit. Performing a manipulation of the argument amenid/rmtypeid results in sql injection. The attack is possible ...

itsourcecode University Management System SQL注入漏洞

itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a SQL injection vulnerability. This vulnerability arises from manipulating the parameters in the file...

itsourcecode University Management System SQL注入漏洞

itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the seme parameter in the...

CVE-2026-3486 itsourcecode College Management System student-fee.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument rollno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed t...

CVE-2026-3413 itsourcecode University Management System admin_single_student.php sql injection

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

CVE-2026-3413 itsourcecode University Management System admin_single_student.php sql injection

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

CVE-2026-3413

CVE-2026-3413 affects itsourcecode University Management System 1.0. The vulnerability is in the /admin_single_student.php (also noted as /admin single student.php) code path where manipulating the ID argument allows SQL injection. Access is described as remote, and exploits have been published. ...

CVE-2026-3412 itsourcecode University Management System att_single_view.php cross site scripting

A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /attsingleview.php. The manipulation of the argument dt results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-3412

The CVE-2026-3412 entry concerns itsourcecode University Management System 1.0. The vulnerability is in /att_single_view.php where manipulating the dt parameter yields cross-site scripting (XSS). It is exploitable remotely, with the exploit publicly available, and CVSS data indicates a MEDIUM imp...

CVE-2026-3410

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

CVE-2026-3411

The CVE-2026-3411 entry concerns itsourcecode University Management System 1.0. The vulnerability is a SQL injection in the /admin_single_student_update.php function, exploitable by manipulating the ID parameter. Remote exploitation is possible, and public exploits have been disclosed. According ...

CVE-2026-3410

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

CVE-2026-3410

CVE-2026-3410 affects itsourcecode Society Management System 1.0. The vulnerability resides in an unknown functionality of /admin/check_studid.php, where manipulating the student_id parameter enables SQL injection. Exploitation is described as possible remotely and publicly available, with high-s...

itsourcecode University Management System 代码注入漏洞

itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “dt” in the file...

itsourcecode University Management System SQL注入漏洞

itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the...

CVE-2026-3261

A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published an...

CVE-2026-3261 itsourcecode School Management System Setting index.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published an...

CVE-2026-3261

Concretely affects itsourcecode School Management System 1.0. The vulnerability is in the /settings/index.php file of the Setting Handler, where manipulation of the ID argument enables SQL injection. Exploitation can be remote and a PoC/public exploit exists. Multiple sources (NVD, Red Hat, EUVD,...

CVE-2026-3152

A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacherid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published a...

CVE-2026-3153

A vulnerability has been found in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public a...