Web Based Internet Laboratory Management System

Source repositories

https://github.com/drew-byte/Web-Based-Internet-Laboratory-Management-System_SQLi-PoC

CVEs (6)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2025-13301	Hig	0.47	7.3	Nov 17, 2025	A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
CVE-2025-13300	Hig	0.47	7.3	Nov 17, 2025	A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-13299	Hig	0.47	7.3	Nov 17, 2025	A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.
CVE-2025-13298	Hig	0.47	7.3	Nov 17, 2025	A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVE-2025-13297	Hig	0.47	7.3	Nov 17, 2025	A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-10599	Hig	0.47	7.3	Sep 17, 2025	A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument user_email results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.

CVE-2025-13301HigNov 17, 2025
risk 0.47cvss 7.3epss 0.00
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
CVE-2025-13300HigNov 17, 2025
risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-13299HigNov 17, 2025
risk 0.47cvss 7.3epss 0.00
A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.
CVE-2025-13298HigNov 17, 2025
risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVE-2025-13297HigNov 17, 2025
risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVE-2025-10599HigSep 17, 2025
risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument user_email results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.