CVE-2025-13237 | itsourcecode Inventory Management System 1.0 /LogSignModal.PHP U_USERNAME sql injection

Inserito da Angelo Barbosa | Nov 15, 2025 | CVE

A vulnerability was found in itsourcecode Inventory Management System 1.0. It has been declared as critical. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results in sql injection.

This vulnerability is reported as CVE-2025-13237. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-13237 | itsourcecode Inventory Management System 1.0 /LogSignModal.PHP U_USERNAME sql injection

Post correlati

CVE-2024-44211 | Apple macOS up to 15.0 App symlink

CVE-2023-6697 | WP Go Maps Plugin up to 9.0.28 on WordPress cross site scripting

CVE-2024-42332 | Zabbix up to 6.0.33/6.4.18/7.0.3 SNMP Trap Log Parser injection

CVE-2024-31030 | Keith Cullen FreeCoAP 0.7 Packet coap_msg.c denial of service