CVE-2026-2117 PUBLISHED

A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/edit_activity.php. Performing a manipulation of the argument activity_id results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.

• Jarway (VulDB User) reporter

• VDB-344692 | itsourcecode Society Management System edit_activity.php sql injection
• VDB-344692 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #746884 | itsourcecode Society Management System V1.0 SQL injection
• https://github.com/ZooNJarway/CVE/issues/4
• https://itsourcecode.com/

• SQL Injection CWE
• Injection CWE