CVE-2026-2018 | itsourcecode School Management System 1.0 controller.php ID sql injection

Full Article URL: https://vuldb.com/?id.344600
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMTMwAACQNwjw_2026-02-05">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMTMwAACQNwjw_2026-02-05
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-05 20:47:36
Last retrieval: 2026-02-05 20:46:20.426440

20:47 - 05 Feb 2026

vuldb.com

A vulnerability has been found in itsourcecode School Management System 1.0 and classified as critical. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2026-2018. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

https://vuldb.com/?id.344600

Article info: