CVE-2026-2018 | itsourcecode School Management System 1.0 controller.php ID sql injection

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability has been found in itsourcecode School Management System 1.0 and classified as critical. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection.

The identification of this vulnerability is CVE-2026-2018. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-2018 | itsourcecode School Management System 1.0 controller.php ID sql injection

Post correlati

CVE-2018-9374 | Google Android up to 8.1 PackageManagerService.java installPackageLI permission

CVE-2024-26678 | Linux Kernel up to 6.7.4 efistub memory corruption (4adeeff8c123/1ad55cecf22f)

CVE-2023-5131 | Delta Electronics ISPSoft 3.02.11 DVP File heap-based overflow

CVE-2025-43880 | GROWI up to 7.1.5 redos