A vulnerability, which was classified as critical , was found in itsourcecode Fees Management System 1.0 . Affected by this vulnerability is an unknown functionality of the file /receipt.php . Such manipulation of the argument ef_id leads to sql injection. This vulnerability is listed as CVE-2026-10811 . The attack may be performed from remote. In addition, an exploit is available.