PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-15672 itsourcecode CVE debrief

A SQL injection vulnerability was found in Itsourcecode Electronic Judging System 1.0. The issue is located in the /intrams/admin/add_judges.php file, where user input is not properly validated, allowing for SQL injection attacks. The vulnerability has been publicly disclosed and may be utilized. This issue affects administrators and users of the system, who should be aware of the vulnerability and take necessary precautions to prevent exploitation. The attack may be initiated remotely, and the exploit has been publicly disclosed.

Vendor
itsourcecode
Product
Electronic Judging System
CVSS
LOW 2.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-14
Original CVE updated
2026-07-14
Advisory published
2026-07-14
Advisory updated
2026-07-14

Who should care

Administrators and users of Itsourcecode Electronic Judging System 1.0 should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes reviewing system deployments, applying vendor patches or updates if available, and implementing compensating controls such as web application firewalls to detect and prevent SQL injection attacks.

Technical summary

The vulnerability is caused by improper input validation in the /intrams/admin/add_judges.php file of Itsourcecode Electronic Judging System 1.0. Specifically, the 'fname' argument is not properly sanitized, allowing for SQL injection attacks. The attack may be initiated remotely. The vulnerability has a CVSS score of 2.1 and a severity of LOW. This issue affects administrators and users of the system, who should be aware of the vulnerability and take necessary precautions to prevent exploitation, including reviewing system deployments, applying vendor patches or updates if available, and implementing compensating controls such as web application firewalls to detect and prevent SQL injection attacks.

Defensive priority

Low

Recommended defensive actions

  • Inventory and verify the presence of Itsourcecode Electronic Judging System 1.0 in your environment.
  • Apply vendor patches or updates if available.
  • Implement compensating controls such as web application firewalls to detect and prevent SQL injection attacks.
  • Monitor for suspicious activity and implement logging and exception tracking to detect potential exploitation.
  • Review relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-07-14T06:17:25.633Z and has not been modified since then. The NVD entry is currently in the 'Received' state. Limited information is available about the vulnerability, and further investigation is recommended. The CVE record and NVD entry provide official details about the vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T06:17:25.633Z and has not been modified since then. The NVD entry is currently Received.