16 matches found
CVE-2026-7074
The CVE-2026-7074 entry concerns itsourcecode Construction Management System 1.0, with SQL injection in the file /execute1.php. The vulnerability arises from manipulation of an argument, enabling remote exploitation. Sources indicate the exploit is publicly disclosed and there is PoC-like activit...
EUVD-2026-25751
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the publi...
CVE-2026-7073 itsourcecode Construction Management System execute.php sql injection
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-5823 itsourcecode Construction Management System borrowed_tool_report.php sql injection
A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowedtoolreport.php. This manipulation of the argument Home causes sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2026-5823
A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowedtoolreport.php. This manipulation of the argument Home causes sql injection. It is possible to initiate the attack remotely. The exploit has...
PT-2026-30696
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-50971
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the mapid parameter...
CVE-2024-50971
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the mapid parameter...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-50972
CVE-2024-50972 affects Itsourcecode Construction Management System 1.0. A SQL injection flaw exists in printtool.php that allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. The issue is supported by multiple sources (NVD, Red Hat, CNNVD, PT Security, CIRCL, CVE...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-50971
CVE-2024-50971 affects Itsourcecode Construction Management System 1.0. A SQL injection in the print.php endpoint (parameter: map_id) enables remote attackers to execute arbitrary SQL commands. The vulnerability is described with high impact on confidentiality, integrity, and availability in the ...
CVE-2024-50971
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the mapid parameter...