CVE-2026-3149
itsourcecode College Management System asign-single-student-subjects.php sql injection
Description
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:UScopeC:LConfidentialityI:LIntegrityA:LAvailabilityWeaknesses
Affected Products
Exploitability
Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.
View exploit detailsAttack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
2 techniquesReferences
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-3149 and every CVE in our database. Create a free account — no credit card required.
Create Free Account