CVE-2025-14226

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0

Description A security issue exists in itsourcecode Student Management System 1.0. The issue affects code within the /edit user.php file. Manipulation of the fname argument can lead to a SQL injection. The attack can be carried out remotely.

Recommendations For itsourcecode Student Management System version 1.0, address the SQL injection issue by sanitizing or validating the fname parameter in the /edit user.php file.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-14226

Affected Products

Student Management System

CVE-2025-14226

Weakness Enumeration

Related Identifiers

Affected Products

References · 12