A vulnerability classified as critical was found in itsourcecode Fees Management System 1.0 . This impacts an unknown function of the file /manage_user.php . The manipulation of the argument ID results in sql injection. This vulnerability is identified as CVE-2026-10809 . The attack can be executed remotely. Additionally, an exploit exists.