Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
itsourcecode Construction Management System 1.0 File Deletion Vulnerability
CVE-2026-6007
Summary
A flaw in the itsourcecode Construction Management System 1.0 allows an attacker to access sensitive information by manipulating a file deletion function. This could put your company's data at risk. Update to the latest version of the software to fix this issue.
Original title
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql inject...
Original description
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026