Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
itsourcecode Online Cellphone System 1.0: Unsecured Data Exposure via Remote SQL Injection
CVE-2026-5553
Summary
The itsourcecode Online Cellphone System 1.0 has a weakness in its Parameter Handler component. This flaw allows an attacker to inject malicious code and potentially access sensitive data. To protect your system, update to the latest version or patch the identified vulnerability as soon as possible.
Original title
A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handl...
Original description
A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026