Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
itsourcecode College Management System: SQL Injection via Course Code
CVE-2026-4783
Summary
A weakness in the College Management System's handling of course codes allows an attacker to inject malicious SQL code, potentially exposing sensitive data or disrupting the system. This issue affects remote access to the system. Users are advised to update the software to the latest version.
Original title
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Paramete...
Original description
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument course_code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 25 Mar 2026 · Updated: 25 Mar 2026 · First seen: 25 Mar 2026