CVE-2026-5660 | itsourcecode Construction Management System 1.0 Parameter /borrowed_equip.php emp sql injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability identified as critical has been detected in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowed_equip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection.

This vulnerability appears as CVE-2026-5660. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-5660 | itsourcecode Construction Management System 1.0 Parameter /borrowed_equip.php emp sql injection

Post correlati

CVE-2024-34943 | Tenda FH1206 1.2.0.8(8155)_EN NatStaticSetting page stack-based overflow

CVE-2025-9906 | Keras up to 3.10.x enable_unsafe_deserialization

CVE-2024-3862 | Mozilla Firefox up to 124 MarkStack uninitialized pointer

CVE-2026-1602 | Ivanti Endpoint Manager up to 2024 SU5 sql injection