7 matches found
CVE-2025-13235
Mode C: This CVE concerns itsourcecode Inventory Management System 1.0. The vulnerability exists in the /admin/login.php file, where manipulating the user_email parameter can trigger SQL injection. It is exploitable remotely and has publicly disclosed exploits. Connected documents corroborate a S...
CVE-2025-13233
CVE-2025-13233 affects itsourcecode Inventory Management System 1.0. The vulnerable element is the file /index.php?q=single-item where manipulation of the ID parameter enables SQL injection. The issue can be exploited remotely and the exploit has been disclosed publicly. Available details indicat...
CVE-2025-13210
The CVE-2025-13210 issue affects itsourcecode Inventory Management System 1.0. The vulnerability resides in the PROMODEL parameter of /admin/products/index.php?view=add, where improper handling enables SQL injection. This can be exploited remotely and an exploit has been publicly disclosed. Multi...
CVE-2025-13257
CVE-2025-13257 affects itsourcecode Inventory Management System 1.0, with the vulnerable element in /admin/user/index.php?view=edit. The issue is an SQL injection caused by manipulation of the ID parameter, exploitable remotely. Public exploits have been disclosed. Documented impact indicates hig...
CVE-2025-13236
Affected software: itsourcecode Inventory Management System 1.0. Vulnerability: SQL injection arising from improper handling of the ID parameter in the file /admin/products/index.php?view=edit. Where: The vulnerability is triggered via the index.php?view=edit path under the admin/products directo...
CVE-2025-13234
The CVE-2025-13234 affects itsourcecode Inventory Management System 1.0, with a SQL injection flaw in the PROID parameter of /index.php?q=product. Multiple sources confirm remote exploitation and a publicly released exploit. Remediation is not detailed in the initial document beyond recommending ...
CVE-2025-13237
Summary: CVE-2025-13237 affects itsourcecode Inventory Management System 1.0. Affected component is the /LogSignModal.PHP file, where improper handling of the U_USERNAME parameter enables a SQL injection. The vulnerability can be exploited remotely and, according to connected sources, the exploit...