CVE-2026-1590
BaseFortify
Publication date: 2026-01-29
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| angeljudesuarez | school_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1590 is a SQL injection vulnerability in the itsourcecode School Management System version 1.0, specifically in the /ramonsys/faculty/index.php file. The vulnerability occurs because the application does not properly sanitize or validate the 'ID' parameter, allowing attackers to inject malicious SQL code. This can be exploited remotely without authentication, enabling attackers to manipulate database queries and potentially compromise the system. [1, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to remotely execute unauthorized SQL commands on your database. This can lead to unauthorized access, modification, or deletion of sensitive data, compromising the confidentiality, integrity, and availability of your system. Since the exploit is publicly available and easy to use, attackers can readily exploit this flaw to cause significant damage. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the vulnerable URL pattern using Google Dorking with the query `inurl:ramonsys/faculty/index.php`. Additionally, testing the 'id' parameter in the URL for SQL injection by injecting typical SQL payloads (e.g., `' OR '1'='1` or `' UNION SELECT NULL--`) can help identify the vulnerability. Network monitoring tools can look for suspicious requests targeting this endpoint with SQL injection patterns. Specific commands might include using curl or wget to send crafted requests, for example: `curl 'http://target/ramonsys/faculty/index.php?id=1'` and then `curl 'http://target/ramonsys/faculty/index.php?id=1' OR '1'='1'` to observe differences in responses indicating SQL injection. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected component with an alternative product, as no known countermeasures or mitigations have been documented. Additionally, restricting access to the vulnerable URL, applying web application firewalls (WAF) to block SQL injection attempts, and monitoring for suspicious activity targeting the `/ramonsys/faculty/index.php` endpoint are recommended. Since the vulnerability allows remote exploitation without authentication, limiting exposure by network segmentation or access controls can reduce risk until a patch or replacement is implemented. [1]