CVE-2025-10613

CVE-2025-10613 affects itsourcecode Student Information System 1.0. The vulnerability is a SQL injection in the parameter level_id of /leveledit1.php caused by improper input handling. It can be exploited remotely and, per connected sources, the exploit has been disclosed publicly. Reports summar...

CVE-2025-10599

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10599

The CVE-2025-10599 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in User::AuthenticateUser within login.php triggered by manipulating the user_email parameter. Multiple connected sources confirm the issue and its public exploitation...

CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection

A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...

CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection

A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...

itsourcecode Online Clinic Management System SQL注入漏洞

itsourcecode Online Clinic Management System is a itsourcecode open source online clinic management system. SQL injection vulnerability exists in itsourcecode Online Clinic Management System version 1.0, which originates from incorrect manipulation of the parameters...

itsourcecode E-Commerce Website 代码问题漏洞

itsourcecode E-Commerce Website is an open source e-commerce website by itsourcecode. A code issue vulnerability exists in version 1.0 of itsourcecode E-Commerce Website, which originates from an unlimited upload function in file /admin/users.php, which could lead to a remote attack...

itsourcecode E-Commerce Website 代码问题漏洞

itsourcecode E-Commerce Website is an e-commerce website by itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode E-Commerce Website, which stems from an incorrect operation of the file /admin/products.php, which could lead to remote arbitrary file uploads...

PT-2025-38280

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Clinic Management System version 1.0 Description: A flaw has been found in the itsourcecode Online Clinic Management System. The vulnerability affects unknown code within the /editp2.php file. Manipulation of the id,...

PT-2025-38256

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Logbook with Health Monitoring System for COVID-19 version 1.0 Description: A cross-site scripting issue exists due to manipulation of the profile id argument in the /print reports prev.php file. This allows for remote attacks...

PT-2025-38275

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Commerce Website version 1.0 Description: A security flaw has been discovered that allows for unrestricted upload. The issue affects an unknown function within the /admin/users.php file and can be exploited remotely. The exploi...

PT-2025-38263

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Commerce Website version 1.0 Description: A vulnerability exists in itsourcecode E-Commerce Website 1.0, impacting an unknown function within the /admin/products.php file. This allows for unrestricted file upload, and the attac...

PT-2025-38277

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Clinic Management System version 1.0 Description: A security issue exists in itsourcecode Online Clinic Management System 1.0 related to the transact.php file. Manipulation of the firstname parameter can lead to SQL...

itsourcecode Online Public Access Catalog OPAC SQL注入漏洞

itsourcecode Online Public Access Catalog OPAC is an online public access catalog of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Public Access Catalog OPAC, which stems from incorrect manipulation of the parameters searchfield and searchtex...

PT-2025-38251

Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information System version 1.0 Description: A SQL injection issue exists in itsourcecode Student Information System 1.0 due to manipulation of the level id argument in the /leveledit1.php file. The issue is exploitable...

itsourcecode Student Information System 安全漏洞

itsourcecode Student Information System is an open source student information system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Student Information System, which stems from an incorrect manipulation of the parameter levelid in the file /leveledit1.php, which...

itsourcecode E-Logbook with Health Monitoring System for COVID-19 代码注入漏洞

itsourcecode E-Logbook with Health Monitoring System for COVID-19 is an electronic logging system for the New Crown Pneumonia Health Monitoring System for COVID-19 open source by itsourcecode. A code injection vulnerability exists in itsourcecode E-Logbook with Health Monitoring System for COVID-...

PT-2025-38223

Name of the Vulnerable Software and Affected Versions: itsourcecode Web-Based Internet Laboratory Management System version 1.0 Description: A security flaw exists in itsourcecode Web-Based Internet Laboratory Management System. Manipulation of the user email argument in the User::AuthenticateUse...