CVE-2025-10599

Medium CVSS: 6.9

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument user_email results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.

Vendor

Itsourcecode

Product

Web-based Internet Laboratory Management System

CWE

CWE-74

Yayın Tarihi

2025-09-17 16:15:34

Güncelleme

2025-09-22 15:02:33

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Web-based Internet Laboratory Management System MEDIUM Itsourcecode 2025

Referanslar

https://github.com/drew-byte/Web-Based-Internet-Laboratory-Management-System_SQLi-PoC/blob/main/README.md https://itsourcecode.com/ https://vuldb.com/?ctiid.324616 https://vuldb.com/?id.324616 https://vuldb.com/?submit.649501

Benzer Kayıtlar

Medium

CVE-2026-5334

A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file…

Medium

CVE-2026-3730

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknow…

Medium

CVE-2026-3261

A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settin…

Medium

CVE-2026-2939

A vulnerability was found in itsourcecode Student Management System 1.0. The impacted element is an unknown function of…

Medium

CVE-2026-2190

A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of th…

Medium

CVE-2026-2189

A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the fil…