CVE-2026-3149

Name of the Vulnerable Software and Affected Versions itsourcecode College Management System version 1.0

Description A flaw exists in itsourcecode College Management System 1.0 related to the file '/admin/asign-single-student-subjects.php'. Manipulation of the course code argument can result in SQL injection. This attack can be carried out remotely. The exploit for this issue is publicly available.

Recommendations Apply any available updates or patches for itsourcecode College Management System version 1.0. As a temporary workaround, restrict access to the '/admin/asign-single-student-subjects.php' file. Sanitize the course code input to prevent SQL injection.