itsourcecode Payroll Management System SQL注入漏洞

itsourcecode Payroll Management System is an open-source payroll management system developed by itsourcecode. Version 1.0 of the itsourcecode Payroll Management System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of parameter IDs in the file/manageuser.php...

CVE-2026-4966 itsourcecode Free Hotel Reservation System index.php sql injection

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/modroom/index.php?view=edit. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and m...

CVE-2026-4966 itsourcecode Free Hotel Reservation System index.php sql injection

A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/modroom/index.php?view=edit. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and m...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is possible...

PT-2026-28692

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A flaw exists in itsourcecode Free Hotel Reservation System version 1.0 that may allow for SQL injection. The issue is located in the file /admin/mod room/index.php?view=edit...

CVE-2026-3993

A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manageemployeedeductions.php. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has bee...

CVE-2026-3980

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2026-4235

A weakness has been identified in itsourcecode Online Enrollment System 1.0. This issue affects some unknown processing of the file /sms/login.php. This manipulation of the argument useremail causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-4877

Summary: CVE-2026-4877 affects itsourcecode Payroll Management System up to version 1.0. A flaw in the file /index.php allows manipulation of the parameter page to trigger a cross-site scripting (XSS) vulnerability. Exploitation can be performed remotely, and public exploits exist. According to t...

CVE-2026-4877 itsourcecode Payroll Management System index.php cross site scripting

A security flaw has been discovered in itsourcecode Payroll Management System up to 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-4876

CVE-2026-4876 affects the itsourcecode Free Hotel Reservation System 1.0. The vulnerability is in the unknown function of the file /admin/mod_amenities/index.php?view=editpic, where manipulation of the argument ID enables an SQL injection. The attack can be performed remotely, and a public exploi...

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

CVE-2026-4875 itsourcecode Free Hotel Reservation System index.php unrestricted upload

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/modamenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842 itsourcecode Online Enrollment System Parameter index.php sql injection

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842

The CVE-2026-4842 entry concerns the itsourcecode Online Enrollment System 1.0. It targets the parameter handling code in /sms/grades/index.php?view=edit&id=1, where manipulating deptid enables an SQL injection. The vulnerability is exploitable remotely and publicly disclosed. Affected component:...

CVE-2026-4842 itsourcecode Online Enrollment System Parameter index.php sql injection

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

PT-2026-28657

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A manipulation of the image argument in the file '/admin/mod amenities/index.php?view=add' causes unrestricted upload. The attack can be carried out remotely. The exploit has...