Threat Feed
high advisory

itsourcecode Electronic Judging System SQL Injection Vulnerability (CVE-2026-9383)

CVE-2026-9383 is a SQL injection vulnerability in itsourcecode Electronic Judging System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the Username parameter in the /intrams/admin/login.php file.

CVE-2026-9383 is a SQL injection vulnerability in itsourcecode Electronic Judging System version 1.0. The flaw is in /intrams/admin/login.php: the Username parameter of the admin login form reaches a database query without being safely parameterised or validated, so a remote attacker can inject arbitrary SQL into that query. Because the login page is reachable before authentication, no credentials are needed to trigger it. A public exploit exists, which lowers the bar for opportunistic exploitation. Successful exploitation can yield an authentication bypass into the admin area, unauthorized reads or modification of database records, and, depending on the privileges of the database account the application uses, compromise of the application and the underlying host.

Attack Chain

  1. The attacker locates an exposed instance of itsourcecode Electronic Judging System 1.0 that serves /intrams/admin/login.php (the admin login page is reachable without credentials).
  2. The attacker submits a crafted HTTP POST to /intrams/admin/login.php.
  3. The Username field of the POST body carries SQL syntax instead of a username (a typical authentication-bypass payload is a closing quote followed by a tautology or a comment sequence).
  4. The application passes the value into its login query without parameterisation or validation, so the database executes the attacker's SQL as part of the query.
  5. The altered WHERE clause evaluates true for an existing account regardless of the password supplied, so the query returns an admin row.
  6. The application treats the returned row as a successful login and issues an administrative session.
  7. With admin access the attacker can tamper with judging data or abuse admin functions such as file uploads to place a web shell.
  8. From there the attacker can exfiltrate database contents or pivot to other systems reachable from the host.

Impact

Successful exploitation of CVE-2026-9383 can lead to complete compromise of the itsourcecode Electronic Judging System: unauthorized access to sensitive data, modification of database records (including judging results), and a foothold for lateral movement within the network. The vulnerability is exploitable remotely and without authentication, since the affected login page is reachable before login, and carries a CVSS v3.1 score of 7.3 (HIGH). The public availability of an exploit raises the likelihood of opportunistic attacks against exposed instances.

Recommendation

  • Fix the code: rewrite the login query in /intrams/admin/login.php (and any other query that takes user input) to use prepared statements with bound parameters. Input validation on the Username parameter is worthwhile defence in depth but is not a substitute for parameterisation; escaping alone is how these bugs get reintroduced.
  • Until the application is patched, restrict network access to /intrams/admin/ (VPN or IP allow-list) and place a WAF in front of the login page.
  • Deploy the Sigma rule “Detect CVE-2026-9383 Exploitation Attempt via SQL Injection” to flag POST requests to /intrams/admin/login.php whose Username parameter contains SQL syntax, and the Sigma rule “Detect Successful SQL Injection Login Bypass” to flag a successful login that follows such an attempt from the same source.
  • Check the log source before relying on those rules: a standard web-server access log records the request line and status but not the POST body, so the Username parameter is invisible to it. Feed the rules from a source that captures request bodies (WAF or reverse-proxy audit logs, or application-level login logging).
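The difference between the vulnerable pattern and the prepared-statement fix, as an added example that is not the project's own code. It uses Python with an in-memory SQLite database as a stand-in for the PHP/MySQL login; the admin table, its columns and the fixture accounts are assumptions. Both payloads are the classic quote-plus-tautology and quote-plus-comment forms; neither is taken from the public exploit.

```python
import sqlite3

# Constructed payloads: a tautology that makes the WHERE clause always true,
# and a targeted one that names a known account and comments out the password check.
PAYLOAD_TAUTOLOGY = "' OR 1=1 -- "
PAYLOAD_TARGETED = "admin' -- "


def setup_db():
    """Build a throw-away in-memory database with a constructed admin table.

    Plaintext passwords are a fixture convenience only; real code stores hashes.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO admin (username, password) VALUES (?, ?)",
        [("admin", "S3cret!"), ("judge1", "p@ss")],
    )
    conn.commit()
    return conn


def vulnerable_login(conn, username, password):
    """Login as the advisory describes it: user input spliced into the SQL string.

    Returns the username of the matched row, or None if nothing matched.
    """
    sql = (
        "SELECT username FROM admin "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def safe_login(conn, username, password):
    """The same lookup with bound parameters: the payload is only ever data."""
    sql = "SELECT username FROM admin WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


def compare():
    """Run every combination once and return the outcomes for inspection."""
    conn = setup_db()
    results = {
        "legit/vulnerable": vulnerable_login(conn, "admin", "S3cret!"),
        "legit/safe": safe_login(conn, "admin", "S3cret!"),
        "tautology/vulnerable": vulnerable_login(conn, PAYLOAD_TAUTOLOGY, "anything"),
        "tautology/safe": safe_login(conn, PAYLOAD_TAUTOLOGY, "anything"),
        "targeted/vulnerable": vulnerable_login(conn, PAYLOAD_TARGETED, "anything"),
        "targeted/safe": safe_login(conn, PAYLOAD_TARGETED, "anything"),
    }
    conn.close()
    return results


if __name__ == "__main__":
    for case, outcome in compare().items():
        print(f"{case:22} -> {outcome!r}")
```

With the concatenated query, the tautology payload turns the WHERE clause into `username = '' OR 1=1 -- ...`, so the first row (the admin) comes back without any password check; the targeted payload comments the password condition out and lands directly on the named account. The parameterised version sees the same strings as literal usernames, finds no such account and returns None, while the legitimate credentials still work in both.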

Detection coverage (2 rules)

Detect CVE-2026-9383 Exploitation Attempt via SQL Injection

high

Detects CVE-2026-9383 exploitation — Attempts to exploit the SQL injection vulnerability by identifying SQL syntax in the Username parameter of POST requests to the login page.

Format: sigma | Tactics: initial_access | Techniques: T1190 | Sources: webserver

Detect Successful SQL Injection Login Bypass

medium

Detects successful authentication bypass via SQL injection by monitoring for successful logins immediately after a SQL injection attempt.

Format: sigma | Tactics: credential_access | Techniques: T1190 | Sources: webserver
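The logic the two rules above describe, run over sample log lines, as an added example written for this page; it is not the platform's Sigma content. It assumes a JSON-lines log from a reverse proxy or WAF that records the URL-encoded form body (a plain access log would not), and it assumes the application answers a good login with a 302 into /intrams/admin/ (the success signal, the field names and the five log lines are all constructed). The second rule also counts the injected request itself when that request is the one that redirects, since that is what a bypass looks like in practice.

```python
import json
import re
from datetime import datetime, timedelta
from urllib.parse import parse_qs

LOGIN_PATH = "/intrams/admin/login.php"
ADMIN_AREA = "/intrams/admin/"

# SQL syntax that has no business in a username. Every alternative needs a quote
# or statement separator *plus* SQL, so a lone apostrophe (O'Brien) does not fire.
# Tune against your own traffic before deploying.
SQLI_RE = re.compile(
    r"'\s*(?:or|and)\b\s*[\w'(]"                      # ' OR 1=1, ' AND 'a'='a
    r"|'\s*(?:--|#|/\*)"                              # admin' --  (comments out the password check)
    r"|\bunion\s+(?:all\s+)?select\b"                 # union-based extraction
    r"|;\s*(?:select|insert|update|delete|drop)\b",   # stacked queries
    re.IGNORECASE,
)


def username_of(event):
    """Return the Username form field of a login POST, or None for anything else."""
    if event.get("method") != "POST" or event.get("path") != LOGIN_PATH:
        return None
    form = parse_qs(event.get("body", ""), keep_blank_values=True)
    for field, values in form.items():
        if field.lower() == "username":
            return values[0]
    return None


def is_injection_attempt(event):
    """Rule one: SQL syntax in the Username parameter of a POST to the login page."""
    username = username_of(event)
    return username is not None and SQLI_RE.search(username) is not None


def is_successful_login(event):
    """Assumption: a good login is a POST to login.php answered with a 302 into the admin area."""
    return (
        event.get("method") == "POST"
        and event.get("path") == LOGIN_PATH
        and event.get("status") == 302
        and str(event.get("location", "")).startswith(ADMIN_AREA)
    )


def detect(lines, window_seconds=60):
    """Replay JSON log lines in order and return (rule, src_ip, ts) alerts.

    Rule two fires when a source IP logs in successfully within window_seconds
    of its own injection attempt, the injected request itself included.
    """
    alerts = []
    last_attempt = {}  # src_ip -> datetime of its most recent injection attempt
    for line in lines:
        event = json.loads(line)
        ts = datetime.fromisoformat(event["ts"])
        src = event["src_ip"]
        if is_injection_attempt(event):
            alerts.append(("sqli_attempt", src, event["ts"]))
            last_attempt[src] = ts
        if is_successful_login(event):
            seen = last_attempt.get(src)
            if seen is not None and ts - seen <= timedelta(seconds=window_seconds):
                alerts.append(("sqli_login_bypass", src, event["ts"]))
    return alerts


# Constructed log records (documentation IP ranges) in the shape of a proxy/WAF
# audit log that keeps the form body. Not real traffic.
SAMPLE_LOG = [
    {"ts": "2026-03-01T10:00:00", "src_ip": "203.0.113.7", "method": "POST", "path": LOGIN_PATH,
     "status": 200, "body": "Username=judge1&Password=wrong"},
    {"ts": "2026-03-01T10:00:05", "src_ip": "203.0.113.7", "method": "POST", "path": LOGIN_PATH,
     "status": 200, "body": "Username=o%27brien&Password=hunter2"},        # apostrophe, not SQL
    {"ts": "2026-03-01T10:00:09", "src_ip": "198.51.100.23", "method": "POST", "path": LOGIN_PATH,
     "status": 302, "location": "/intrams/admin/index.php",
     "body": "Username=%27+OR+1%3D1+--+&Password=x"},                       # attempt that redirects
    {"ts": "2026-03-01T10:00:10", "src_ip": "198.51.100.23", "method": "GET",
     "path": "/intrams/admin/index.php", "status": 200},
    {"ts": "2026-03-01T10:02:00", "src_ip": "192.0.2.55", "method": "POST", "path": LOGIN_PATH,
     "status": 200, "body": "Username=admin%27+--+&Password=x"},            # attempt, no redirect
]
SAMPLE_LINES = [json.dumps(event) for event in SAMPLE_LOG]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LINES):
        print(alert)
```

Replaying the sample produces an attempt alert and a bypass alert for 198.51.100.23 (the injected POST redirected into the admin area) and an attempt-only alert for 192.0.2.55, while the O'Brien login stays quiet. If your proxy logs the body only as raw bytes, decode it before parse_qs; if it logs nothing but the request line, neither rule has anything to match and you need a different source.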

Detection queries are available on the platform. Get full rules →