Zhangchao404

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A flaw exists in itsourcecode College Management System 1.0 related to the file '/admin/asign-single-student-subjects.php'. Manipulation of the `course code` argument can result in SQL injection. This attack can be carried out remotely. The exploit for this issue is publicly available. **Recommendations** Apply any available updates or patches for itsourcecode College Management System version 1.0. As a temporary workaround, restrict access to the '/admin/asign-single-student-subjects.php' file. Sanitize the `course code` input to prevent SQL injection.

**Nome do Software Vulnerável e Versões Afetadas** itsourcecode College Management System versão 1.0 **Descrição** Existe um problema de segurança no itsourcecode College Management System versão 1.0. A manipulação do argumento `teacher id` no arquivo `/admin/display-teacher.php` pode levar a uma injeção de SQL. Este ataque pode ser realizado remotamente. O exploit para este problema foi divulgado publicamente. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A flaw exists in itsourcecode College Management System 1.0. The issue is due to SQL injection within the `/login/login.php` file. Manipulating the `email` argument can lead to a successful exploit. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.