CVE-2025-13300

CVE-2025-13300 affects itsourcecode Web-Based Internet Laboratory Management System 1.0, with SQL injection in the file /settings/controller.php. Multiple connected sources confirm an unauthenticated remote SQL injection vulnerability arising from lack of input validation, enabling attackers to e...

CVE-2025-10599

The CVE-2025-10599 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in User::AuthenticateUser within login.php triggered by manipulating the user_email parameter. Multiple connected sources confirm the issue and its public exploitation...

CVE-2025-13297

The CVE-2025-13297 entry concerns itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in the controller.php file under /course/controller.php caused by insufficient validation of externally entered SQL statements. It is exploitable remotely and, ...

CVE-2025-13299

The CVE-2025-13299 entry concerns itsourcecode Web-Based Internet Laboratory Management System 1.0. Several connected sources (CNVD-2025-29439, RH/CVE-2025-13299, CNNVD-202511-1860, PT-2025-47203) confirm a SQL injection vulnerability in the file /user/controller.php. Attack surface: remote explo...

CVE-2025-13298

The CVE-2025-13298 entry concerns itsourcecode Web-Based Internet Laboratory Management System 1.0. A SQL injection exists in the /enrollment/controller.php file arising from insufficient input validation, enabling remote manipulation and illegal SQL execution. Multiple connected sources (CNVD, N...

CVE-2025-13301

CVE-2025-13301 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in an unspecified function of /subject/controller.php that can be exploited remotely; public exploits exist. CNVD, Red Hat, NVD and other sources corroborate the issue and...