CVE-2025-4311

Name of the Vulnerable Software and Affected Versions itsourcecode Content Management System version 1.0

Description A critical issue was discovered in the itsourcecode Content Management System, affecting the /admin/update main topic img.php file. The manipulation of the topic id argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For itsourcecode Content Management System version 1.0, consider disabling the /admin/update main topic img.php file until a patch is available to prevent SQL injection attacks. Restrict access to the topic id argument in the affected API endpoint to minimize the risk of exploitation.