CVE-2025-10614

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10615

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10615 itsourcecode E-Commerce Website products.php unrestricted upload

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10615 itsourcecode E-Commerce Website products.php unrestricted upload

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-10614 itsourcecode E-Logbook with Health Monitoring System for COVID-19 print_reports_prev.php cross site scripting

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10613

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

CVE-2025-10613

CVE-2025-10613 affects itsourcecode Student Information System 1.0. The vulnerability is a SQL injection in the parameter level_id of /leveledit1.php caused by improper input handling. It can be exploited remotely and, per connected sources, the exploit has been disclosed publicly. Reports summar...

CVE-2025-10613 itsourcecode Student Information System leveledit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

CVE-2025-10613 itsourcecode Student Information System leveledit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument levelid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

CVE-2025-10599

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10599

The CVE-2025-10599 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in User::AuthenticateUser within login.php triggered by manipulating the user_email parameter. Multiple connected sources confirm the issue and its public exploitation...

CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection

A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...

CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection

A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...

PT-2025-38277

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Clinic Management System version 1.0 Description: A security issue exists in itsourcecode Online Clinic Management System 1.0 related to the transact.php file. Manipulation of the firstname parameter can lead to SQL...

PT-2025-38263

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Commerce Website version 1.0 Description: A vulnerability exists in itsourcecode E-Commerce Website 1.0, impacting an unknown function within the /admin/products.php file. This allows for unrestricted file upload, and the attac...

PT-2025-38256

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Logbook with Health Monitoring System for COVID-19 version 1.0 Description: A cross-site scripting issue exists due to manipulation of the profile id argument in the /print reports prev.php file. This allows for remote attacks...

itsourcecode Online Public Access Catalog OPAC SQL注入漏洞

itsourcecode Online Public Access Catalog OPAC is an online public access catalog of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Public Access Catalog OPAC, which stems from incorrect manipulation of the parameters searchfield and searchtex...

itsourcecode E-Commerce Website 代码问题漏洞

itsourcecode E-Commerce Website is an e-commerce website by itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode E-Commerce Website, which stems from an incorrect operation of the file /admin/products.php, which could lead to remote arbitrary file uploads...