CVE-2026-3760
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3Description
A vulnerability was detected in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /view_result.php. Performing a manipulation of the argument seme results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Analysis
SQL injection in itsourcecode University Management System 1.0 via the seme parameter in /view_result.php allows unauthenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: inventory all affected systems running University Management System 1.0 and isolate /view_result.php access to trusted networks only. Within 7 days: implement WAF rules blocking suspicious POST/GET patterns to /view_result.php, enable enhanced logging for the affected module, and establish communication with the vendor for patch timeline. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today