PT-2026-30787

A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /borrowedtool.php. Executing a manipulation of the argument code can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may b...

CVE-2026-5675 itsourcecode Construction Management System Parameter borrowed_tool.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowedtool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5675

The CVE-2026-5675 entry concerns itsourcecode Construction Management System 1.0. The vulnerability affects an unknown portion of the Parameter Handler, specifically the /borrowed_tool.php script, where the emp argument can be manipulated to perform an SQL injection. This can be exploited remotel...

CVE-2026-5660 itsourcecode Construction Management System Parameter borrowed_equip.php sql injection

A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be initiated remotely. The...

CVE-2026-5660 itsourcecode Construction Management System Parameter borrowed_equip.php sql injection

A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be initiated remotely. The...

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

CVE-2026-5620 itsourcecode Construction Management System Parameter borrowed_equip_report.php sql injection

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotely...

CVE-2026-5620 itsourcecode Construction Management System Parameter borrowed_equip_report.php sql injection

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotely...

CVE-2026-5620

CVE-2026-5620 affects itsourcecode Construction Management System 1.0. The vulnerable element is an unknown function in the file /borrowed_equip_report.php within the Parameter Handler component. Manipulating the argument Home leads to a SQL injection . It can be exploited remotely, and the explo...

PT-2026-30696

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit ha...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the emp parameter in the...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the empid parameter in...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter “Home” in the...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file...

CVE-2026-5553

A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can be launched...

CVE-2026-5553 itsourcecode Online Cellphone System Parameter available.php sql injection

A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can be launched...

CVE-2026-5553 itsourcecode Online Cellphone System Parameter available.php sql injection

A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can be launched...

CVE-2026-5553

The CVE-2026-5553 entry concerns itsourcecode Online Cellphone System 1.0. Affected functionality is an unknown aspect of /cp/available.php in the Parameter Handler, where manipulating the Name parameter leads to SQL injection. The vulnerability is exploitable remotely, with the exploit reportedl...

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...