CVE-2026-10251

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2026-10253

A vulnerability was detected in itsourcecode Online House Rental System 1.0. This impacts an unknown function of the file /managepayment.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

CVE-2026-10249 itsourcecode Online Blood Bank Management System viewrequest.php sql injection

A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might...

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVE-2026-9575 itsourcecode Student Transcript Processing System index.php sql injection

A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2026-9528 itsourcecode Electronic Judging System delete_judge.php sql injection

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /admin/deletejudge.php. Such manipulation of the argument judgeid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be...

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/editteam.php. The manipulation of the argument numid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be use...

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/editteam.php. The manipulation of the argument numid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be use...

CVE-2026-9383

The CVE affects itsourcecode Electronic Judging System 1.0. The vulnerability exists in /intrams/admin/login.php where manipulation of the Username parameter enables SQL injection. This allows remote exploitation, as stated. The exploit is public. No additional remediation details are provided in...

itsourcecode Construction Management System 注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability, which stems from the handling of the parameter “address” in the...

PT-2026-35336

A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the publi...

CVE-2026-6191

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

EUVD-2026-21390

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

EUVD-2026-21374

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

CVE-2026-6030

A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be us...

CVE-2026-6030

The CVE-2026-6030 entry concerns itsourcecode Construction Management System 1.0. The vulnerable component is an unknown function in /del1.php where manipulating the toolname argument leads to SQL injection. Remote exploitation is possible, and an exploit has been published. No remediation detail...

CVE-2026-6030 itsourcecode Construction Management System del1.php sql injection

A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be us...

CVE-2026-6007 itsourcecode Construction Management System del.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

itsourcecode Online Student Enrollment System 安全漏洞

itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability stems from the subjcode parameter in the scheduleSubList.php...