VYPR

Vendor CVEs

Itsourcecode

All CVEs

463 total · sorted by risk
  • CVE-2025-9598HigAug 29, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2025-9597HigAug 29, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2025-9596HigAug 29, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly…

  • CVE-2025-9594HigAug 28, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. The attack is possible to be carried out remotely. The…

  • CVE-2025-9593HigAug 28, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2025-9592HigAug 28, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2025-9511HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /visitor/addvisitor.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is…

  • CVE-2025-9510HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-9509HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fair_info_all.php. Performing manipulation of the argument fid results in sql injection. The attack can be initiated remotely. The…

  • CVE-2025-9508HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the argument rsid results in sql injection. The attack may be launched remotely. The exploit is now…

  • CVE-2025-9507HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2025-9472HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /owner_utility/add_owner_utility.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit…

  • CVE-2025-9471HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/add_maintenance_cost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible.…

  • CVE-2025-9470HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/add_m_committee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been…

  • CVE-2025-9469HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fund/add_fund.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The…

  • CVE-2025-9468HigAug 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /bill/add_bill.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched…

  • CVE-2025-9421HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability has been found in itsourcecode Apartment Management System 1.0. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-9420HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A flaw has been found in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /floor/addfloor.php. Executing manipulation of the argument hdnid can lead to sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2025-9419HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now…

  • CVE-2025-9418HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has…

  • CVE-2025-9311HigAug 21, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2025-9156HigAug 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit…

  • CVE-2025-8925HigAug 13, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed…

  • CVE-2026-40196HigApr 17, 2026
    risk 0.46cvss 8.1epss 0.00

    HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, even after their access to that group was revoked. While the web interface…

  • CVE-2018-25191HigMar 6, 2026
    risk 0.46cvss 7.1epss 0.00

    Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'mod_id' parameter. Attackers can send POST requests to the editar_producto.php endpoint with crafted SQL…

  • CVE-2025-23707HigDec 31, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matamko En Masse en-masse-wp allows Reflected XSS.This issue affects En Masse: from n/a through <= 1.0.

  • CVE-2026-11514MedJun 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2026-11513MedJun 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be…

  • CVE-2026-10811MedJun 4, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in itsourcecode Fees Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /receipt.php. Such manipulation of the argument ef_id leads to sql injection. The attack may be performed from remote.…

  • CVE-2026-10809MedJun 4, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in itsourcecode Fees Management System 1.0. This impacts an unknown function of the file /manage_user.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the…

  • CVE-2026-10808MedJun 4, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /manage_student.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly…

  • CVE-2026-10568MedJun 2, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /manage_payment.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.

  • CVE-2026-10302MedJun 2, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage_fee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published…

  • CVE-2026-10297MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available…

  • CVE-2026-10296MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The…

  • CVE-2026-10265MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_topic.php. Such manipulation of the argument topic_id leads to sql injection. The attack may be launched remotely. The…

  • CVE-2026-10258MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add_sub_topic.php. This manipulation of the argument topic_id causes sql injection. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-10257MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/update_ss_img.php. The manipulation of the argument topic_id results in sql injection. The attack can be executed remotely. The…

  • CVE-2026-10256MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /save_comment.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit is…

  • CVE-2026-10242MedJun 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topic_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2026-9607MedMay 27, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results in sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-7822MedMay 5, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and…

  • CVE-2026-6191MedApr 13, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been…

  • CVE-2026-6190MedApr 13, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has…

  • CVE-2026-6030MedApr 10, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2026-6007MedApr 10, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and…

  • CVE-2026-5823MedApr 9, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowed_tool_report.php. This manipulation of the argument Home causes sql injection. It is possible to initiate the attack…

  • CVE-2026-5719MedApr 7, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /borrowedtool.php. Executing a manipulation of the argument code can lead to sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-5681MedApr 6, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp_id causes sql injection. The attack is possible to be carried out…

  • CVE-2026-5675MedApr 6, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed_tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack…

Page 4 of 10