These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A SQL injection vulnerability exists in ITSourceCode Courier Management System 1.0, specifically in the `/parcel_list.php` file. The vulnerability allows remote attackers to manipulate the `s` parameter to inject malicious SQL commands. The CVSS 4.0 score of 2.1 (LOW severity) reflects limited privileges required and low impact on confidentiality, integrity, and availability. The exploit has been publicly [truncated]
A SQL injection vulnerability exists in itsourcecode Electronic Judging System 1.0, specifically in the /admin/edit_judge.php endpoint where the judge_id parameter is improperly sanitized. The vulnerability allows remote attackers to manipulate database queries through crafted input to this parameter. The issue was disclosed publicly on 2026-05-26 with exploit details available. The CVSS 4.0 vector indica [truncated]
A SQL injection vulnerability exists in the itsourcecode Electronic Judging System 1.0, specifically within the /intrams/admin/login.php endpoint. The Username parameter is susceptible to injection, enabling remote attackers to manipulate database queries. The vulnerability has been publicly disclosed with exploit availability confirmed, though no known ransomware campaign use has been identified. The CVS [truncated]