CVE-2026-2012

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0

Description A flaw exists in itsourcecode Student Management System 1.0. The issue involves the manipulation of the ID argument within an unknown function of the /ramonsys/facultyloading/index.php file, leading to a SQL injection condition. This allows for remote exploitation. The details of the exploit have been publicly disclosed.

Recommendations Apply any available updates or patches for itsourcecode Student Management System version 1.0. As a temporary workaround, restrict access to the /ramonsys/facultyloading/index.php file. Sanitize the ID parameter before using it in any database queries.