CVE-2025-9156

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System version 1.0

Description: A SQL injection issue exists in itsourcecode Sports Management System version 1.0. The issue is located in an unknown function within the /Admin/sports.php file. Manipulation of the code argument can trigger the injection. Remote exploitation is possible. The exploit has been made public.

Recommendations: As a temporary workaround, consider restricting access to the /Admin/sports.php file until a fix is available. Sanitize the code argument to prevent SQL injection.