CVE-2026-6007 | itsourcecode Construction Management System 1.0 /del.php equipname sql injection

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability labeled as critical has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection.

This vulnerability is reported as CVE-2026-6007. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-6007 | itsourcecode Construction Management System 1.0 /del.php equipname sql injection

Post correlati

CVE-2025-60175 | PopAd Plugin up to 1.0.4 on WordPress server-side request forgery

CVE-2025-5411 | Mist Community Edition up to 4.7.1 views.py tag_resources tag cross site scripting

CVE-2021-4440 | Linux Kernel up to 5.10.217 Xen USERGS_SYSRET64 buffer overflow (1424ab4bb386)

CVE-2024-50467 | WebXApp Scrollbar Plugin up to 1.3.0 on WordPress cross site scripting