A vulnerability, which was classified as critical , was found in itsourcecode Online House Rental System 1.0 . This impacts an unknown function of the file /manage_payment.php . The manipulation of the argument ID results in sql injection. This vulnerability is known as CVE-2026-10253 . It is possible to launch the attack remotely. Furthermore, an exploit is available.