CVE-2024-6803

Name of the Vulnerable Software and Affected Versions itsourcecode Document Management System version 1.0

Description A critical issue has been found in the itsourcecode Document Management System, affecting an unknown functionality of the file insert.php. The manipulation of the anothercont argument leads to SQL injection. The attack can be launched remotely.

Recommendations For itsourcecode Document Management System version 1.0, consider restricting access to the insert.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the anothercont argument in the affected functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.