CVE-2026-10242— itsourcecode Content Management System instructions.php sql injection
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10242
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
itsourcecode Content Management System instructions.php sql injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topic_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| itsourcecode | Content Management System | 1.0 | cpe:2.3:a:itsourcecode:content_management_system:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-10242
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10242
请登录查看更多情报信息。
Other References for CVE-2026-10242 (2)
Same Patch Batch · itsourcecode · 2026-06-01 · 3 CVEs total
| CVE-2026-10250 | 7.3 HIGH | itsourcecode Online Blood Bank Management System campsdetails.php sql injection |
| CVE-2026-10249 | 7.3 HIGH | itsourcecode Online Blood Bank Management System viewrequest.php sql injection |
IV. Related Vulnerabilities
Same product: Content Management System
- CVE-2026-0567
code-projects Content Management System pages.php sql inject - CVE-2026-0566
code-projects Content Management System edit_posts.php unres - CVE-2026-0565
code-projects Content Management System delete.php sql injec - CVE-2026-0546
code-projects Content Management System search.php sql injec - CVE-2025-15197
code-projects/anirbandutta9 Content Management System/News-B
Same vendor: itsourcecode
- CVE-2026-10250
itsourcecode Online Blood Bank Management System campsdetail - CVE-2026-10249
itsourcecode Online Blood Bank Management System viewrequest - CVE-2026-9607
itsourcecode Courier Management System parcel_list.php sql i - CVE-2026-9606
itsourcecode Courier Management System manage_user.php sql i - CVE-2026-9575
itsourcecode Student Transcript Processing System index.php
Same weakness: CWE-89
- CVE-2026-10250
itsourcecode Online Blood Bank Management System campsdetail - CVE-2026-10249
itsourcecode Online Blood Bank Management System viewrequest - CVE-2026-40546
Multiple SQL Injections in SOPlanning - CVE-2026-10237
SourceCodester Water Billing Management System User Manageme - CVE-2026-10235
CodeAstro Ingredients Stock Management System stock_manager.
V. Comments for CVE-2026-10242
No comments yet