Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.8
Cross-Site Scripting in itsourcecode University Management System 1.0
CVE-2026-4356
Summary
A security flaw in itsourcecode University Management System 1.0 can allow hackers to inject malicious code into the system, potentially allowing them to access sensitive information or take control of the system. This could happen when a user inputs something in the 'add_result' section. Users of this system should update to the latest version as soon as possible to fix the issue.
Original title
A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross si...
Original description
A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.
nvd CVSS2.0
3.3
nvd CVSS3.1
2.4
nvd CVSS4.0
4.8
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026