Weipei

**Name of the Vulnerable Software and Affected Versions** itsourcecode Document Management System version 1.0 **Description** A flaw exists in itsourcecode Document Management System 1.0. The issue is related to a SQL injection that can be triggered by manipulating the `user2del` argument in the `/deluser.php` file. The attack can be launched remotely. The exploit has been made publicly available. **Recommendations** Apply a fix to address the SQL injection issue in the `/deluser.php` file.

**Name of the Vulnerable Software and Affected Versions** itsourcecode Document Management System version 1.0 **Description** A security issue exists in itsourcecode Document Management System version 1.0. The manipulation of the `field1` parameter in the `/edtlbls.php` file can lead to SQL injection. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.