CVE-2026-10297

Description

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

References

• https://github.com/ltranquility/vuln_submit/issues/8
• https://itsourcecode.com/
• https://vuldb.com/cve/CVE-2026-10297
• https://vuldb.com/submit/826579
• https://vuldb.com/vuln/367590