Itsourcecode · Itsourcecode Student Information System · CVE-2025-13325
**Name of the Vulnerable Software and Affected Versions**
itsourcecode Student Information System version 1.0
**Description**
A SQL injection issue exists in itsourcecode Student Information System version 1.0. Manipulation of the `en id` argument within the /enrollment edit1.php file can lead to SQL injection. This attack can be performed remotely. The exploit has been publicly disclosed.
**Recommendations**
Address the SQL injection issue by sanitizing or validating the `en id` argument in the /enrollment edit1.php file.