CVE-2026-2867 | itsourcecode Vehicle Management System 1.0 /billaction.php ID sql injection

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability, which was classified as critical, was found in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql injection.

The identification of this vulnerability is CVE-2026-2867. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-2867 | itsourcecode Vehicle Management System 1.0 /billaction.php ID sql injection

Post correlati

CVE-2026-1124 | Yonyou KSOA 9.0 HTTP GET Parameter work_report.jsp ID sql injection

CVE-2024-1217 | kaliforms Contact Form Builder with Drag & Drop Plugin up to 2.3.41 on WordPress Deactivation await_plugin_deactivation authorization

CVE-2025-40942 | Siemens TeleControl Server Basic 3.1.2.1/3.1.2.2/3.1.2.3 unnecessary privileges (ssa-192617)

CVE-2024-34891 | 1C-Bitrix Bitrix24 23.300.100 DAV Server Setting insufficiently protected credentials