CVE-2026-5719

A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /borrowedtool.php. Executing a manipulation of the argument code can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may b...

CVE-2026-5660 itsourcecode Construction Management System Parameter borrowed_equip.php sql injection

A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be initiated remotely. The...

CVE-2026-5620

CVE-2026-5620 affects itsourcecode Construction Management System 1.0. The vulnerable element is an unknown function in the file /borrowed_equip_report.php within the Parameter Handler component. Manipulating the argument Home leads to a SQL injection . It can be exploited remotely, and the explo...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the emp parameter in the...

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

EUVD-2026-19018

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

CVE-2026-3980

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2026-4876

CVE-2026-4876 affects the itsourcecode Free Hotel Reservation System 1.0. The vulnerability is in the unknown function of the file /admin/mod_amenities/index.php?view=editpic, where manipulation of the argument ID enables an SQL injection. The attack can be performed remotely, and a public exploi...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4472 itsourcecode Online Frozen Foods Ordering System admin_edit_supplier.php sql injection

A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admineditsupplier.php. The manipulation of the argument SupplierName leads to sql injection. The attack can be initiated remotely. The...

CVE-2026-4471 itsourcecode Online Frozen Foods Ordering System admin_edit_employee.php sql injection

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

CVE-2026-4469

The CVE-2026-4469 entry concerns itsourcecode Online Frozen Foods Ordering System 1.0. The vulnerability resides in the admin_edit_menu_action.php logic where manipulating the product_name argument enables SQL injection. A remote attacker could exploit this, and public exploit code is indicated a...

CVE-2026-4469 itsourcecode Online Frozen Foods Ordering System admin_edit_menu_action.php sql injection

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admineditmenuaction.php. Such manipulation of the argument productname leads to sql injection. The attack may be performed from...

CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

itsourcecode Online Doctor Appointment System SQL注入漏洞

itsourcecode Online Doctor Appointment System is an open-source online doctor appointment system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from incorrect handling of the patientid parameter in the file admin/patientaction.php. This...

CVE-2026-3747 itsourcecode University Management System add_result.php sql injection

A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /addresult.php. Such manipulation of the argument subject leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

CVE-2026-3410

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

CVE-2026-3410

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...