| CVE-2026-1590 | Hig | 0.47 | 7.3 | 0.00 | | Jan 29, 2026 | A vulnerability was identified in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/faculty/index.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. |
| CVE-2026-1589 | Hig | 0.47 | 7.3 | 0.00 | | Jan 29, 2026 | A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. |
| CVE-2026-1545 | Hig | 0.47 | 7.3 | 0.00 | | Jan 28, 2026 | A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. |
| CVE-2026-1551 | Med | 0.41 | 6.3 | 0.00 | | Jan 29, 2026 | A weakness has been identified in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/course/controller.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. |
