NEXTGUARD
UNKNOWNCVE-2026-5675

itsourcecode Construction Management System Parameter borrowed_tool.php sql injection

Platform

php

Component

itsourcecode-construction-management-system

View on NVD

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed_tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.

How to fix

Actualice el sistema de gestión de la construcción itsourcecode a una versión corregida.  Revise y sanee la entrada del usuario en el archivo borrowed_tool.php para prevenir inyecciones SQL. Implemente validación y escape adecuados para los datos proporcionados por el usuario.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2026-5675 — Vulnerability Details | NextGuard | NextGuard