itsourcecode CVE Vulnerabilities & Metrics

Focus on itsourcecode vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About itsourcecode Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with itsourcecode. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total itsourcecode CVEs: 29
Earliest CVE date: 26 May 2024, 23:15 UTC
Latest CVE date: 06 Aug 2024, 01:15 UTC

Latest CVE reference: CVE-2024-7495

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 29

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical itsourcecode CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.93

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	3
4.0-6.9	21
7.0-8.9	5
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS itsourcecode CVEs

These are the five CVEs with the highest CVSS scores for itsourcecode, sorted by severity first and recency.

CVE-2024-6196 itsourcecode Published on 20 Jun 2024, 16:15 UTC (CVSS: 7.5)
A vulnerability was found in itsourcecode Banking Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269168.
CVE-2024-6193 itsourcecode Published on 20 Jun 2024, 16:15 UTC (CVSS: 7.5)
A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle Management System 1.0. This issue affects some unknown processing of the file driverprofile.php. The manipulation of the argument driverid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269165 was assigned to th...
CVE-2024-5984 itsourcecode Published on 14 Jun 2024, 02:15 UTC (CVSS: 7.5)
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268460.
CVE-2024-5983 itsourcecode Published on 14 Jun 2024, 02:15 UTC (CVSS: 7.5)
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is...
CVE-2024-5519 itsourcecode Published on 30 May 2024, 16:15 UTC (CVSS: 7.5)
A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266590 is the identifier assigned to this vulnerability.

All CVEs for itsourcecode

CVE-2024-7495 itsourcecode vulnerability CVSS: 6.5 06 Aug 2024, 01:15 UTC

A vulnerability, which was classified as critical, was found in itsourcecode Laravel Accounting System 1.0. This affects an unknown part of the file app/Http/Controllers/HomeController.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273621 was assigned to this vulnerability.

CVE-2024-7278 itsourcecode vulnerability CVSS: 5.8 31 Jul 2024, 01:15 UTC

A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/team_save.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273147.

CVE-2024-7277 itsourcecode vulnerability CVSS: 5.8 31 Jul 2024, 00:15 UTC

A vulnerability was found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/menu.php of the component Add a Menu. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273146 is the identifier assigned to this vulnerability.

CVE-2024-7276 itsourcecode vulnerability CVSS: 5.8 30 Jul 2024, 23:15 UTC

A vulnerability has been found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/member_save.php. The manipulation of the argument last/first leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273145 was assigned to this vulnerability.

CVE-2024-37873 itsourcecode vulnerability CVSS: 0 09 Jul 2024, 20:15 UTC

SQL injection vulnerability in view_payslip.php in Itsourcecode Payroll Management System Project In PHP With Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVE-2024-6196 itsourcecode vulnerability CVSS: 7.5 20 Jun 2024, 16:15 UTC

A vulnerability was found in itsourcecode Banking Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269168.

CVE-2024-6195 itsourcecode vulnerability CVSS: 6.5 20 Jun 2024, 16:15 UTC

A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file orderadd.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269167.

CVE-2024-6194 itsourcecode vulnerability CVSS: 6.5 20 Jun 2024, 16:15 UTC

A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. Affected is an unknown function of the file editmeasurement.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-269166 is the identifier assigned to this vulnerability.

CVE-2024-6193 itsourcecode vulnerability CVSS: 7.5 20 Jun 2024, 16:15 UTC

A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle Management System 1.0. This issue affects some unknown processing of the file driverprofile.php. The manipulation of the argument driverid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269165 was assigned to this vulnerability.

CVE-2024-6016 itsourcecode vulnerability CVSS: 6.5 15 Jun 2024, 19:15 UTC

A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268724.

CVE-2024-6015 itsourcecode vulnerability CVSS: 6.5 15 Jun 2024, 17:15 UTC

A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument month_of leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268723.

CVE-2024-6014 itsourcecode vulnerability CVSS: 6.5 15 Jun 2024, 17:15 UTC

A vulnerability classified as critical has been found in itsourcecode Document Management System 1.0. Affected is an unknown function of the file edithis.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268722 is the identifier assigned to this vulnerability.

CVE-2024-6013 itsourcecode vulnerability CVSS: 6.5 15 Jun 2024, 16:15 UTC

A vulnerability was found in itsourcecode Online Book Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_delete.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268721 was assigned to this vulnerability.

CVE-2024-6009 itsourcecode vulnerability CVSS: 6.5 15 Jun 2024, 16:15 UTC

A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268699.

CVE-2024-37831 itsourcecode vulnerability CVSS: 0 14 Jun 2024, 20:15 UTC

Itsourcecode Payroll Management System 1.0 is vulnerable to SQL Injection in payroll_items.php via the ID parameter.

CVE-2024-5984 itsourcecode vulnerability CVSS: 7.5 14 Jun 2024, 02:15 UTC

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268460.

CVE-2024-5983 itsourcecode vulnerability CVSS: 7.5 14 Jun 2024, 02:15 UTC

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268459.

CVE-2024-37849 itsourcecode vulnerability CVSS: 0 13 Jun 2024, 14:15 UTC

A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter.

CVE-2024-5588 itsourcecode vulnerability CVSS: 6.5 02 Jun 2024, 15:15 UTC

A vulnerability was found in itsourcecode Learning Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file processscore.php. The manipulation of the argument LessonID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266839.

CVE-2024-5519 itsourcecode vulnerability CVSS: 7.5 30 May 2024, 16:15 UTC

A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266590 is the identifier assigned to this vulnerability.

CVE-2024-5397 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 03:15 UTC

A vulnerability classified as critical was found in itsourcecode Online Student Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file instructorSubjects.php. The manipulation of the argument instructorId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266311.

CVE-2024-5396 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 03:15 UTC

A vulnerability classified as critical has been found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file newfaculty.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266310 is the identifier assigned to this vulnerability.

CVE-2024-5395 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 03:15 UTC

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file listofinstructor.php. The manipulation of the argument FullName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266309 was assigned to this vulnerability.

CVE-2024-5394 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 02:15 UTC

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file newDept.php. The manipulation of the argument deptname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266308.

CVE-2024-5393 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 02:15 UTC

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file listofcourse.php. The manipulation of the argument idno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266307.

CVE-2024-5392 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 02:15 UTC

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file editSubject.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266306 is the identifier assigned to this vulnerability.

CVE-2024-5391 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 01:15 UTC

A vulnerability has been found in itsourcecode Online Student Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file listofsubject.php. The manipulation of the argument subjcode leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266305 was assigned to this vulnerability.

CVE-2024-5390 itsourcecode vulnerability CVSS: 6.5 27 May 2024, 01:15 UTC

A vulnerability, which was classified as critical, was found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file listofstudent.php. The manipulation of the argument lname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266304.

CVE-2024-5381 itsourcecode vulnerability CVSS: 6.5 26 May 2024, 23:15 UTC

A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation of the argument studentId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266293 was assigned to this vulnerability.