CVE-2025-9596

Name of the Vulnerable Software and Affected Versions itsourcecode Sports Management System version 1.0

Description A SQL injection issue exists due to the manipulation of the User argument in the file /login.php. This can be initiated remotely. The exploit has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the /login.php file until a fix is available. Sanitize the User input to prevent SQL injection attacks.