Itsourcecode

itsourcecode Courier Management System 1.0 is vulnerable to SQL injection (CVE-2026-9606) via the /manage_user.php file, allowing remote attackers to manipulate the ID argument and potentially execute arbitrary SQL commands.

A SQL injection vulnerability exists in itsourcecode Student Transcript Processing System 1.0 in the `/admin/modules/class/index.php?view=view` component; the vulnerability is triggered by manipulating the `ID` argument, potentially enabling remote attackers to execute arbitrary SQL commands.

itsourcecode Student Transcript Processing System 1.0 is vulnerable to SQL injection via the studentId/cid parameter in the /admin/modules/student/trans.php file, allowing remote attackers to manipulate database queries.

CVE-2026-9573 is a SQL injection vulnerability in itsourcecode Student Transcript Processing System 1.0, allowing a remote attacker to execute arbitrary SQL commands by manipulating the studentId parameter in the /admin/modules/student/index.php?view=view file.

itsourcecode Electronic Judging System 1.0 is vulnerable to SQL injection via the judge_id parameter in /admin/delete_judge.php, allowing remote attackers to execute arbitrary SQL queries.

A SQL injection vulnerability exists in itsourcecode Electronic Judging System version 1.0, specifically affecting the /admin/edit_team.php file, where an attacker can remotely manipulate the 'num_id' argument to execute arbitrary SQL commands.

A SQL Injection vulnerability exists in itsourcecode Electronic Judging System version 1.0 in the /admin/edit_judge.php file. By manipulating the judge_id argument, an attacker could execute arbitrary SQL commands on the system. The vulnerability can be triggered remotely and has a public exploit available.

CVE-2026-9383 is a SQL injection vulnerability in itsourcecode Electronic Judging System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the Username parameter in the /intrams/admin/login.php file.

itsourcecode Courier Management System 1.0 is vulnerable to SQL Injection via the ID parameter in /edit_staff.php, potentially allowing remote attackers to execute arbitrary SQL commands.

A SQL injection vulnerability exists in itsourcecode Construction Management System version 1.0, affecting the processing of the /locations.php file, allowing a remote attacker to inject SQL commands by manipulating the 'address' argument, with a publicly available exploit.

A remote SQL injection vulnerability (CVE-2026-7555) exists in itsourcecode Electronic Judging System 1.0 via manipulation of the Username argument in the /intrams/login.php file, potentially leading to unauthorized data access and modification.