SQL Injection in itsourcecode School Management System 1.0 (CVE-2026-0544)

Vulnerability Key Information Overview Vulnerability Type: SQL Injection Affected Product: itsourcecode School Management System 1.0 Vulnerable File: /student/index.php Vulnerability Description: SQL injection vulnerability caused by manipulating the ID parameter Vulnerability Details CVE ID: CVE-2026-0544 EUVD ID: EUVD-2026-0002 Impact: Compromise of confidentiality, integrity, and availability Exploitation CVE Preparation Effort: Simple Exploitation Method: No authentication required; can be exploited remotely CAPEC Attack Pattern: T1505 POC: Public PoC and proof-of-concept code available; see github.com Impact Level CVSSv3 Base Score: 7.3 CVSSv2 Base score: 7.5 CVSSv4 Base Score: Requires detailed report from VulDB for specific value Product and Vendor Information Vendor: itsourcecode Product Name: School Management System Product Version: 1.0 License: Free Threat Intelligence EPSS Score: No specific value available Active Attacker Behavior: No specific records of active APT groups Mitigation Measures: No specific mitigation measures available Recommendation: Replace affected system version with a more secure updated version Timeline Disclosure Date: 2026-01-01 VulDB Record Update Date: 2026-01-01 Vulnerability Submission and Discussion Submission Status: Accepted Discussion Content: No comments available

Goal Reached Thanks to every supporter — we hit 100%!

SQL Injection in itsourcecode School Management System 1.0 (CVE-2026-0544)