Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

itsourcecode — Vulnerabilities & Security Advisories 556

Browse all 556 CVE security advisories affecting itsourcecode. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ItsSourceCode operates as a repository for pre-built source code and software projects, primarily targeting students and developers seeking ready-made solutions for academic or commercial applications. This business model inherently distributes complex, often unvetted codebases that frequently contain significant security flaws. Historical analysis reveals a high prevalence of critical vulnerability classes, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, stemming from inadequate input validation and insecure default configurations. The platform’s lack of rigorous security auditing allows these defects to persist, creating a widespread attack surface for downstream users. With over 503 CVEs currently recorded, the site serves as a notable vector for exploiting known weaknesses in popular frameworks. Major incidents involve the distribution of compromised templates that facilitate unauthorized access and data exfiltration, highlighting the risks associated with sourcing unverified software components from third-party aggregators without proper security review.

CVE IDTitleCVSSSeverityPublished
CVE-2026-13579 itsourcecode Hospital Management System patientchangepassword.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13578 itsourcecode Hospital Management System patientdetail.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13572 itsourcecode Hospital Management System insertbillingrecord.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13557 itsourcecode Online Hotel Management System POST Request controller.php add cross site scripting — Online Hotel Management SystemCWE-79 4.3 Medium2026-06-29
CVE-2026-13556 itsourcecode Online Hotel Management System POST Request controller.php edit cross site scripting — Online Hotel Management SystemCWE-79 4.3 Medium2026-06-29
CVE-2026-13555 itsourcecode Online Hotel Management System controller.php add sql injection — Online Hotel Management SystemCWE-89 7.3 High2026-06-29
CVE-2026-13554 itsourcecode Online Hotel Management System POST Request controller.php add cross site scripting — Online Hotel Management SystemCWE-79 4.3 Medium2026-06-29
CVE-2026-13553 itsourcecode Online Hotel Management System controller.php add unrestricted upload — Online Hotel Management SystemCWE-434 7.3 High2026-06-29
CVE-2026-13552 itsourcecode Online Hotel Management System controller.php edit sql injection — Online Hotel Management SystemCWE-89 7.3 High2026-06-29
CVE-2026-13551 itsourcecode Baptism Information Management System editBaptism.php sql injection — Baptism Information Management SystemCWE-89 7.3 High2026-06-29
CVE-2026-13550 itsourcecode Baptism Information Management System delbaptism.php sql injection — Baptism Information Management SystemCWE-89 7.3 High2026-06-29
CVE-2026-13548 itsourcecode Hospital Management System doctortimings.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13542 itsourcecode Hospital Management System doctorprofile.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13541 itsourcecode Hospital Management System doctorchangepassword.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13532 itsourcecode Hospital Management System departmentDoctor.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13531 itsourcecode Hospital Management System department.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13530 itsourcecode Hospital Management System Appointment appointmentdetail.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13520 itsourcecode Hospital Management System Appointment appointmentapproval.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-29
CVE-2026-13497 itsourcecode Hospital Management System appointment.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-28
CVE-2026-13496 itsourcecode Hospital Management System ajaxmedicine.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-28
CVE-2026-13495 itsourcecode Hospital Management System adminprofile.php sql injection — Hospital Management SystemCWE-89 4.7 Medium2026-06-28
CVE-2026-11514 itsourcecode Hospital Management System addpatient.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-08
CVE-2026-11513 itsourcecode Hospital Management System adminaccount.php sql injection — Hospital Management SystemCWE-89 6.3 Medium2026-06-08
CVE-2026-11512 itsourcecode Hospital Management System billing.php cross site scripting — Hospital Management SystemCWE-79 4.3 Medium2026-06-08
CVE-2026-10811 itsourcecode Fees Management System receipt.php sql injection — Fees Management SystemCWE-89 6.3 Medium2026-06-04
CVE-2026-10810 itsourcecode Fees Management System navbar.php cross site scripting — Fees Management SystemCWE-79 4.3 Medium2026-06-04
CVE-2026-10809 itsourcecode Fees Management System manage_user.php sql injection — Fees Management SystemCWE-89 6.3 Medium2026-06-04
CVE-2026-10808 itsourcecode Fees Management System manage_student.php sql injection — Fees Management SystemCWE-89 6.3 Medium2026-06-04
CVE-2026-10568 itsourcecode Fees Management System manage_payment.php sql injection — Fees Management SystemCWE-89 6.3 Medium2026-06-02
CVE-2026-10302 itsourcecode Fees Management System manage_fee.php sql injection — Fees Management SystemCWE-89 6.3 Medium2026-06-01

This page lists every published CVE security advisory associated with itsourcecode. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.