Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
itsourcecode College Management System 1.0: Email SQL Injection Risk
CVE-2026-3151
Summary
The itsourcecode College Management System 1.0 has a security issue with its login feature. If an attacker knows how to manipulate the email field when logging in, they may be able to access sensitive data or take control of the system. Update the system immediately to protect against potential attacks.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| angeljudesuarez | college_management_system | 1.0 | – |
Original title
A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in s...
Original description
A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
9.8
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
- https://github.com/Zhangchao404/cve/issues/3 Exploit Third Party Advisory
- https://itsourcecode.com/ Product
- https://vuldb.com/?ctiid.347659 Permissions Required VDB Entry
- https://vuldb.com/?id.347659 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.758830 Third Party Advisory VDB Entry
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026