UNKNOWNCVE-2026-5553
itsourcecode Online Cellphone System Parameter available.php sql injection
Platform
php
Component
itsourcecode-online-cellphone-system
A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
How to fix
Actualice el sistema a una versión corregida que solucione la vulnerabilidad de inyección SQL en el archivo /cp/available.php. Revise y sanee la entrada 'Name' para prevenir la ejecución de código SQL malicioso. Implemente validación y escape adecuados para las entradas del usuario.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free