PT-2025-38401

Name of the Vulnerable Software and Affected Versions itsourcecode E-Logbook with Health Monitoring System for COVID-19 version 1.0 Description A flaw exists in itsourcecode E-Logbook with Health Monitoring System for COVID-19, potentially allowing for SQL injection. The issue is related to the...

itsourcecode Online Discussion Forum SQL注入漏洞

itsourcecode Online Discussion Forum is an online forum of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Discussion Forum, which stems from incorrect manipulation of the parameter ID in the file /members/composemsg.php, which could lead to a...

CVE-2025-10620 itsourcecode Online Clinic Management System editp2.php sql injection

A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-10620

The CVE-2025-10620 entry concerns itsourcecode Online Clinic Management System 1.0. It identifies an SQL injection vulnerability in unknown code within the file /editp2.php, caused by manipulating parameters id, firstname, lastname, type, age, or address. The vulnerability can be exploited remote...

CVE-2025-10620 itsourcecode Online Clinic Management System editp2.php sql injection

A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-10618

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2025-10616

A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-10618 itsourcecode Online Clinic Management System transact.php sql injection

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2025-10618 itsourcecode Online Clinic Management System transact.php sql injection

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2025-10616 itsourcecode E-Commerce Website users.php unrestricted upload

A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-10616 itsourcecode E-Commerce Website users.php unrestricted upload

A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-10616

The CVE-2025-10616 entry concerns itsourcecode E-Commerce Website 1.0. The vulnerable component is the file /admin/users.php where an unspecified manipulation yields an unrestricted upload. The vulnerability can be exploited remotely and the exploit has been released publicly. Other details in co...

CVE-2025-10614

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10615

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10615 itsourcecode E-Commerce Website products.php unrestricted upload

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10615 itsourcecode E-Commerce Website products.php unrestricted upload

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10614 itsourcecode E-Logbook with Health Monitoring System for COVID-19 print_reports_prev.php cross site scripting

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10613

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

CVE-2025-10613 itsourcecode Student Information System leveledit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

CVE-2025-10613 itsourcecode Student Information System leveledit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...