CVE-2026-9573
HighSummary
A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0, affecting an unknown part of the file /admin/modules/student/index.php?view=view. Manipulating the argument studentId results in SQL injection.
Risk Assessment
An attacker can remotely exploit this vulnerability, potentially leading to unauthorized access to the database and leakage of student personal data.
Recommendation
It is recommended to immediately update the system to the latest version and implement input data filtering to prevent SQL injection.
Original NVD description (English source)
A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

