Vulnerability Title: itsourcecode News Portal Project V1.0 SQL Injection Description: Critical SQL injection vulnerability in the /newsportal/admin/contactus.php file due to insufficient user input validation of the 'pagetitle' parameter. This allows attackers to inject malicious SQL queries, leading to unauthorized database access, data modification, deletion, and sensitive information access. Source: GitHub CVE report Submitter: Chen Yang (UID 95653) Submission Date: 02/17/2026 10:50 AM Moderation Date: 02/24/2026 10:55 PM Status: Accepted VulDB Entry: 347671 (itsourcecode News Portal Project 1.0 /admin/contactus.php pagetitle SQL injection) Points: 20