PT-2025-50220

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0. The issue is related to the manipulation of the grade argument within the /new grade.php file, leading to a SQL injecti...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from an incorrect operation of the parameter sy in the file /promote.php, which could le...

CVE-2025-14258

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2025-14258 itsourcecode Student Management System newsubject.php sql injection

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2025-14258 itsourcecode Student Management System newsubject.php sql injection

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2025-14257

A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-14257 itsourcecode Student Management System newrecord.php sql injection

A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-14257 itsourcecode Student Management System newrecord.php sql injection

A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-14256

Summary: CVE-2025-14256 affects itsourcecode Stock Management System 1.0 (Student Management System) via SQL injection in the file /newcurriculm.php, triggered by manipulating the ID parameter. The issue arises from lack of validation of externally entered SQL statements, enabling remote executio...

CVE-2025-14256 itsourcecode Student Management System newcurriculm.php sql injection

A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used...

CVE-2025-14256 itsourcecode Student Management System newcurriculm.php sql injection

A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226

CVE-2025-14226 affects itsourcecode Student Management System 1.0 with a SQL injection in /edit_user.php via the fname parameter. Exploitation can be remote; public PoC exists. Public reports (CNVD/Red Hat/NVD) confirm the flaw. Remediation guidance suggests sanitizing/validating the fname parame...

CVE-2025-14226 itsourcecode Student Management System edit_user.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14226 itsourcecode Student Management System edit_user.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

CVE-2025-14214

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-14214

CVE-2025-14214 affects itsourcecode Student Information System 1.0. The vulnerability is a SQL injection in the file /section_edit1.php caused by manipulation of the ID parameter. Remote exploitation is possible and exploits have been publicly disclosed. Multiple connected sources confirm the iss...

CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

PT-2025-49504

Name of the Vulnerable Software and Affected Versions itsourcecode Student Information System version 1.0 Description A SQL injection issue exists in itsourcecode Student Information System 1.0. The issue is located in an unknown part of the file '/section edit1.php'. Manipulation of the ID...