A SQL injection vulnerability has been identified in itsourcecode University Management System version 1.0. The vulnerability exists in the /admin_single_student_update.php file where manipulation of the ID argument leads to SQL injection. The vulnerability can be exploited remotely and the exploit has been publicly disclosed, making it actively exploitable. This affects the administrative functionality for updating student records in the university management system.