CVE-2026-10297

MEDIUM WAF: High

CVSS 6.3 Published: 2026-06-01

CWE-89

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

WAF Coverage Analysis

SQL Injection High WAF Coverage

OWASP: A03:2021 Injection

942xxx - SQL Injection

References

github.com
itsourcecode.com
vuldb.com
vuldb.com
vuldb.com
vuldb.com

Back to CVE Database