CVE-2026-4783 PUBLISHED

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument course_code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

• tnn2026 (VulDB User) reporter

• VDB-352800 | itsourcecode College Management System Parameter add-single-student-results.php sql injection
• VDB-352800 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #775786 | itsourcecode College Management System V1.0 SQL Injection
• https://github.com/ltranquility/submit/issues/3
• https://itsourcecode.com/

• SQL Injection CWE
• Injection CWE