EUVD-2026-33841
GHSA-4wxj-v45f-gf8f
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
AnalysisAI
SQL injection in itsourcecode Fees Management System 1.0 exposes the /ajax.php endpoint to database manipulation via the Username parameter, allowing authenticated remote attackers with low-privilege credentials to read, modify, or corrupt application data. The CVSS vector (AV:N/AC:L/PR:L) confirms this is network-exploitable at low complexity with a low-privilege account requirement. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a valid authenticated session with at least low-privilege access to the application (PR:L per CVSS vector) - an attacker must hold or obtain a working application account before targeting this endpoint. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS base score of 6.3 (Medium) reflects a balanced but meaningful risk: network-reachable (AV:N), low attack complexity (AC:L), low-privilege requirement (PR:L), no user interaction (UI:N), and low-impact across all three CIA pillars (C:L/I:L/A:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has registered or otherwise obtained a low-privilege account on a publicly accessible Fees Management System instance submits a crafted HTTP request to /ajax.php with a malicious SQL payload in the Username field - for example, injecting a UNION SELECT or boolean-based blind injection string. Because the parameter is not sanitized before being passed to the database engine, the injected SQL executes, allowing the attacker to enumerate database tables, extract credential hashes or personal data, or modify fee records. … |
| Remediation | No vendor-released patch identified at time of analysis - the CVSS temporal remediation level is undefined (RL:X) and no vendor advisory was found at https://itsourcecode.com/. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today