CVE-2025-10062

Name of the Vulnerable Software and Affected Versions itsourcecode Student Information Management System version 1.0

Description A vulnerability exists in itsourcecode Student Information Management System that allows for SQL injection. The issue affects an unknown part of the /admin/login.php file. Manipulation of the uname argument can lead to exploitation. The attack can be launched remotely, and the exploit has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the /admin/login.php file until a fix is available. Sanitize the uname argument to prevent SQL injection attacks.