12 matches found
CVE-2026-0544
The CVE-2026-0544 reports a SQL injection in itsourcecode School Management System 1.0, triggered by manipulating the ID parameter in /student/index.php. This allows remote exploitation and, per connected sources, exploits have been publicly released. The root cause is improper handling/validatio...
CVE-2026-1701
CVE-2026-1701 affects itsourcecode School Management System 1.0. The vulnerability arises from manipulating the ID parameter in /enrollment/index.php, leading to SQL injection with a remote attack vector. Public exploits have been disclosed. Multiple connected sources corroborate the existence of...
CVE-2026-2073
CVE-2026-2073 affects itsourcecode School Management System 1.0. The vulnerability is a SQL injection in /ramonsys/user/index.php caused by manipulating the ID argument, exploitable remotely with public exploit disclosure. Multiple sources describe impact on confidentiality, integrity, and availa...
CVE-2026-2013
CVE-2026-2013 affects itsourcecode Student Management System 1.0. Vulnerable component: /ramonsys/soa/index.php; flaw involves manipulating the ID parameter to trigger SQL injection. Attack can be launched remotely; exploit publicly available. CVSS metrics indicate high/critical impact (up to 9.8...
CVE-2026-1176
CVE-2026-1176 affects itsourcecode School Management System 1.0. The vulnerability is in the file /subject/index.php where manipulating the argument ID enables remote SQL injection. The description indicates the exploit is publicly available, implying potential in-the-wild use. No specific patch ...
CVE-2026-2190
The CVE-2026-2190 entry affects itsourcecode School Management System 1.0, specifically the file /ramonsys/user/controller.php where SQL injection is triggered by manipulating the ID argument. Multiple connected feeds (Red Hat, NVD, CVE lists, PT Security) confirm remote exploitation possibility,...
CVE-2026-2012
The CVE-2026-2012 vulnerability affects itsourcecode Student Management System 1.0. The flaw is a SQL injection caused by manipulation of the ID argument in /ramonsys/facultyloading/index.php, enabling remote exploitation. Public disclosures exist for the exploit. Remediation guidance across sour...
CVE-2026-2014
CVE-2026-2014 affects itsourcecode Student Management System 1.0. The vulnerability is a SQL injection in the /ramonsys/billing/index.php file triggered by manipulating the ID argument. Exploitation is described as remote and the exploit publicly released, indicating practical risk. No vendor-spe...
CVE-2026-2189
CVE-2026-2189 affects itsourcecode School Management System 1.0. The vulnerability is in the /ramonsys/report/index.php file, where the ay argument can be manipulated to trigger a SQL injection. It can be exploited remotely and publicly available exploits exist. The Red Hat/NVD entries and relate...
CVE-2026-3261
Concretely affects itsourcecode School Management System 1.0. The vulnerability is in the /settings/index.php file of the Setting Handler, where manipulation of the ID argument enables SQL injection. Exploitation can be remote and a PoC/public exploit exists. Multiple sources (NVD, Red Hat, EUVD,...
CVE-2026-2011
The CVE-2026-2011 entry concerns itsourcecode Student Management System 1.0. The vulnerability is a SQL injection in the file /ramonsys/enrollment/controller.php caused by manipulating the ID argument in an unknown function. It is exploitable remotely and the exploit has been made public, indicat...
CVE-2026-2018
The CVE affects itsourcecode School Management System 1.0. The weakness is in /ramonsys/settings/controller.php where manipulation of the ID argument triggers SQL injection, with remote exploitation possible and an exploit published. Multiple sources corroborate: Red Hat and CVE records describe ...