Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
itsourcecode College Management System SQL Injection Risk
CVE-2026-3149
Summary
A remote attacker could use a specially crafted input to access unauthorized data in the itsourcecode College Management System. This could lead to sensitive information being accessed or modified. Users of the system should update to a fixed version to mitigate this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| angeljudesuarez | college_management_system | 1.0 | – |
Original title
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a ...
Original description
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
nvd CVSS2.0
6.5
nvd CVSS3.1
8.8
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
- https://github.com/Zhangchao404/cve/issues/1 Exploit Issue Tracking Mitigation Third Party Advisory
- https://itsourcecode.com/ Product
- https://vuldb.com/?ctiid.347657 Permissions Required VDB Entry
- https://vuldb.com/?id.347657 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.758828 Third Party Advisory VDB Entry
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026