CVE-2026-5553 | itsourcecode Online Cellphone System 1.0 Parameter /cp/available.php Name sql injection

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability, which was classified as critical, was found in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-5553. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-5553 | itsourcecode Online Cellphone System 1.0 Parameter /cp/available.php Name sql injection

Post correlati

CVE-2024-26548 | Vivotek Network Camera FD8166A-VVTK-0204j upload_file.cgi unrestricted upload

CVE-2025-24786 | clidey whodb prior 0.45.0 /db Join path traversal (GHSA-9r4c-jwx3-3j76)

CVE-2024-5020 | Photo Gallery, Sliders, Proofing and Themes Plugin FancyBox JavaScript Library cross site scripting

CVE-2024-31029 | Keith Cullen FreeCoAP Packet test_coap_server.c server_handle_regular denial of service