Ifan

Name of the Vulnerable Software and Affected Versions itsourcecode Construction Management System version 1.0 Description A SQL injection issue exists in itsourcecode Construction Management System version 1.0. The issue is located in the `/del.php` file, affecting an unknown function. Manipulation of the `equipname` argument can lead to SQL injection. The attack can be launched remotely. The exploit has been made public. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.