CVE-2026-7075

Description

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

References

• https://github.com/Beatriz-ai-boop/cve/issues/4
• https://itsourcecode.com/
• https://vuldb.com/submit/799545
• https://vuldb.com/vuln/359650
• https://vuldb.com/vuln/359650/cti