{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/itsourcecode/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7592"}],"_cs_exploited":false,"_cs_products":["Courier Management System (1.0)"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve"],"_cs_type":"advisory","_cs_vendors":["itsourcecode"],"content_html":"\u003cp\u003eitsourcecode Courier Management System 1.0 is vulnerable to a SQL injection vulnerability. The vulnerability resides in the \u003ccode\u003e/edit_staff.php\u003c/code\u003e file and can be exploited by manipulating the \u003ccode\u003eID\u003c/code\u003e argument. This allows a remote attacker to inject malicious SQL queries, potentially leading to unauthorized data access, modification, or deletion. The exploit is publicly available, increasing the risk of exploitation. 
The vulnerability was reported on May 1, 2026, and affects version 1.0 of the Courier Management System.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies the \u003ccode\u003e/edit_staff.php\u003c/code\u003e endpoint in the Courier Management System 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL injection payload within the \u003ccode\u003eID\u003c/code\u003e parameter of an HTTP GET or POST request.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the crafted request to the \u003ccode\u003e/edit_staff.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the \u003ccode\u003eID\u003c/code\u003e parameter, allowing the SQL injection payload to be processed by the database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL query is executed against the database, potentially allowing the attacker to bypass authentication or authorization controls.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves sensitive information from the database, such as user credentials, financial records, or other confidential data.\u003c/li\u003e\n\u003cli\u003eThe attacker modifies data in the database, potentially altering application behavior or causing data corruption.\u003c/li\u003e\n\u003cli\u003eThe attacker gains full control of the database server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability could allow attackers to read, modify, or delete sensitive data within the Courier Management System database. This could lead to unauthorized access to customer information, financial data, and other confidential records. 
Given the public availability of the exploit, organizations using Courier Management System 1.0 are at a high risk of compromise.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply input validation and sanitization to the \u003ccode\u003eID\u003c/code\u003e parameter in \u003ccode\u003e/edit_staff.php\u003c/code\u003e to prevent SQL injection (CVE-2026-7592).\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule to detect potential SQL injection attempts targeting the \u003ccode\u003e/edit_staff.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eImplement a web application firewall (WAF) rule to block known SQL injection payloads (CVE-2026-7592).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-01T20:16:24Z","date_published":"2026-05-01T20:16:24Z","id":"/briefs/2026-05-courier-mgmt-sqli/","summary":"itsourcecode Courier Management System 1.0 is vulnerable to SQL Injection via the ID parameter in /edit_staff.php, potentially allowing remote attackers to execute arbitrary SQL commands.","title":"SQL Injection Vulnerability in itsourcecode Courier Management System","url":"https://feed.craftedsignal.io/briefs/2026-05-courier-mgmt-sqli/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7075"}],"_cs_exploited":false,"_cs_products":["Construction Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve-2026-7075"],"_cs_type":"advisory","_cs_vendors":["itsourcecode"],"content_html":"\u003cp\u003eA SQL injection vulnerability has been identified in itsourcecode Construction Management System version 1.0. The vulnerability resides within the \u003ccode\u003e/locations.php\u003c/code\u003e file and is triggered by manipulating the \u003ccode\u003eaddress\u003c/code\u003e argument. This allows a remote attacker to inject arbitrary SQL commands into the application\u0026rsquo;s database queries. 
This poses a significant risk as successful exploitation could lead to unauthorized data access, modification, or deletion, potentially compromising the entire system. The vulnerability has been assigned CVE-2026-7075, and a public exploit is available, increasing the likelihood of exploitation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies an instance of itsourcecode Construction Management System 1.0.\u003c/li\u003e\n\u003cli\u003eAttacker sends a crafted HTTP request to \u003ccode\u003e/locations.php\u003c/code\u003e with a malicious SQL payload embedded in the \u003ccode\u003eaddress\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the \u003ccode\u003eaddress\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe unsanitized input is incorporated into an SQL query.\u003c/li\u003e\n\u003cli\u003eThe database executes the attacker-controlled SQL query.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive data from the database.\u003c/li\u003e\n\u003cli\u003eAttacker may use the injected queries to modify or delete data.\u003c/li\u003e\n\u003cli\u003eThe attacker compromises the confidentiality, integrity, and availability of the Construction Management System.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2026-7075) can lead to unauthorized access to sensitive data, including user credentials, financial records, and project details stored within the Construction Management System database. Attackers could potentially modify or delete critical data, disrupt business operations, or gain complete control over the application and its underlying infrastructure. 
Given the public availability of the exploit, organizations using the affected version of itsourcecode Construction Management System are at immediate risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the provided Sigma rule to detect suspicious HTTP requests to \u003ccode\u003e/locations.php\u003c/code\u003e containing potentially malicious SQL syntax in the \u003ccode\u003ecs-uri-query\u003c/code\u003e (webserver logs).\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization for the \u003ccode\u003eaddress\u003c/code\u003e parameter in \u003ccode\u003e/locations.php\u003c/code\u003e to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for unusual activity, especially requests targeting \u003ccode\u003e/locations.php\u003c/code\u003e with long or complex \u003ccode\u003eaddress\u003c/code\u003e parameters.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-27T02:16:01Z","date_published":"2026-04-27T02:16:01Z","id":"/briefs/2026-04-construction-management-sql-injection/","summary":"A SQL injection vulnerability exists in itsourcecode Construction Management System version 1.0, affecting the processing of the /locations.php file, allowing a remote attacker to inject SQL commands by manipulating the 'address' argument, with a publicly available exploit.","title":"itsourcecode Construction Management System SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-construction-management-sql-injection/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7555"}],"_cs_exploited":false,"_cs_products":["Electronic Judging System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","vulnerability","web-application"],"_cs_type":"advisory","_cs_vendors":["itsourcecode"],"content_html":"\u003cp\u003eitsourcecode Electronic Judging System 1.0 is vulnerable to SQL injection in the /intrams/login.php file. 
The vulnerability, identified as CVE-2026-7555, allows a remote attacker to inject malicious SQL code by manipulating the \u003ccode\u003eUsername\u003c/code\u003e argument. The vulnerability was reported on 2026-05-01. Successful exploitation could lead to unauthorized access to sensitive data, modification of existing data, or even complete compromise of the database. The availability of a public exploit increases the risk of widespread exploitation. This poses a significant threat to organizations using the affected judging system, potentially disrupting operations and compromising confidential information.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies an instance of itsourcecode Electronic Judging System 1.0 running on a target server.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP POST request targeting the \u003ccode\u003e/intrams/login.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the POST request, the attacker manipulates the \u003ccode\u003eUsername\u003c/code\u003e parameter with a SQL injection payload.\u003c/li\u003e\n\u003cli\u003eThe server-side application improperly processes the attacker-supplied \u003ccode\u003eUsername\u003c/code\u003e value, failing to sanitize special characters.\u003c/li\u003e\n\u003cli\u003eThe unsanitized \u003ccode\u003eUsername\u003c/code\u003e value is incorporated into a SQL query executed against the application database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code modifies the query\u0026rsquo;s intended logic, potentially bypassing authentication or extracting sensitive data.\u003c/li\u003e\n\u003cli\u003eThe database server executes the modified SQL query, returning the results to the web application.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive information, such as user credentials, judging data, or other confidential application 
data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability could allow attackers to bypass authentication, gain access to sensitive judging data, modify existing records, or potentially gain complete control of the database server. This could lead to data breaches, financial loss, reputational damage, and disruption of judging events. The lack of specific victim count or sector information in the source data makes quantifying the exact impact challenging.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply appropriate input validation and sanitization techniques to the \u003ccode\u003eUsername\u003c/code\u003e parameter in \u003ccode\u003e/intrams/login.php\u003c/code\u003e to mitigate the SQL injection vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Suspicious Login Attempts via SQL Injection\u003c/code\u003e to detect exploitation attempts targeting \u003ccode\u003e/intrams/login.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious POST requests containing unusual characters or SQL keywords in the \u003ccode\u003eUsername\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eConsider implementing a web application firewall (WAF) with rules to block common SQL injection patterns.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T18:00:00Z","date_published":"2024-01-03T18:00:00Z","id":"/briefs/2024-01-electronic-judging-sql-injection/","summary":"A remote SQL injection vulnerability (CVE-2026-7555) exists in itsourcecode Electronic Judging System 1.0 via manipulation of the Username argument in the /intrams/login.php file, potentially leading to unauthorized data access and modification.","title":"itsourcecode Electronic Judging System SQL Injection Vulnerability 
(CVE-2026-7555)","url":"https://feed.craftedsignal.io/briefs/2024-01-electronic-judging-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Itsourcecode","version":"https://jsonfeed.org/version/1.1"}