Xiaoxu

Name of the Vulnerable Software and Affected Versions itsourcecode Construction Management System version 1.0 Description A flaw exists in itsourcecode Construction Management System 1.0. The issue involves the manipulation of the `toolname` argument within an unknown function of the file '/del1.php', leading to a SQL injection condition. Remote exploitation is possible. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.