Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

itsourcecode — Vulnerabilities & Security Advisories 503

Browse all 503 CVE security advisories affecting itsourcecode. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ItsSourceCode operates as a repository for pre-built source code and software projects, primarily targeting students and developers seeking ready-made solutions for academic or commercial applications. This business model inherently distributes complex, often unvetted codebases that frequently contain significant security flaws. Historical analysis reveals a high prevalence of critical vulnerability classes, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, stemming from inadequate input validation and insecure default configurations. The platform’s lack of rigorous security auditing allows these defects to persist, creating a widespread attack surface for downstream users. With over 503 CVEs currently recorded, the site serves as a notable vector for exploiting known weaknesses in popular frameworks. Major incidents involve the distribution of compromised templates that facilitate unauthorized access and data exfiltration, highlighting the risks associated with sourcing unverified software components from third-party aggregators without proper security review.

Top products by itsourcecode: Tailoring Management System Apartment Management System Student Management System Online Tour and Travel Management System Society Management System Gym Management System University Management System Placement Management System School Management System Construction Management System Payroll Management System College Management System Student Information Management System COVID Tracking System Restaurant Management System Sports Management System POS Point of Sale System Online Student Enrollment System Online Blood Bank Management System Online Discussion Forum Online Cake Ordering System Free Hotel Reservation System Vehicle Management System Open Source Job Portal Online Frozen Foods Ordering System Inventory Management System Document Management System Farm Management System Web-Based Internet Laboratory Management System Online Enrollment System
CVE IDTitleCVSSSeverityPublished
CVE-2025-10667 itsourcecode Online Discussion Forum compose_msg.php sql injection — Online Discussion ForumCWE-89 7.3 High2025-09-18
CVE-2025-10632 itsourcecode Online Petshop Management System Admin Dashboard availableframe.php cross site scripting — Online Petshop Management SystemCWE-79 3.5 Low2025-09-18
CVE-2025-10631 itsourcecode Online Petshop Management System Available Products addcnp.php cross site scripting — Online Petshop Management SystemCWE-79 3.5 Low2025-09-18
CVE-2025-10620 itsourcecode Online Clinic Management System editp2.php sql injection — Online Clinic Management SystemCWE-89 6.3 Medium2025-09-17
CVE-2025-10618 itsourcecode Online Clinic Management System transact.php sql injection — Online Clinic Management SystemCWE-89 6.3 Medium2025-09-17
CVE-2025-10616 itsourcecode E-Commerce Website users.php unrestricted upload — E-Commerce WebsiteCWE-434 6.3 Medium2025-09-17
CVE-2025-10615 itsourcecode E-Commerce Website products.php unrestricted upload — E-Commerce WebsiteCWE-434 6.3 Medium2025-09-17
CVE-2025-10614 itsourcecode E-Logbook with Health Monitoring System for COVID-19 print_reports_prev.php cross site scripting — E-Logbook with Health Monitoring System for COVID-19CWE-79 4.3 Medium2025-09-17
CVE-2025-10613 itsourcecode Student Information System leveledit1.php sql injection — Student Information SystemCWE-89 6.3 Medium2025-09-17
CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection — Web-Based Internet Laboratory Management SystemCWE-89 7.3 High2025-09-17
CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection — Online Public Access Catalog OPACCWE-89 6.3 Medium2025-09-17
CVE-2025-10426 itsourcecode Online Laundry Management System login.php sql injection — Online Laundry Management SystemCWE-89 7.3 High2025-09-15
CVE-2025-10411 itsourcecode E-Logbook with Health Monitoring System for COVID-19 POST Request check_profile.php cross site scripting — E-Logbook with Health Monitoring System for COVID-19CWE-79 4.3 Medium2025-09-14
CVE-2025-10405 itsourcecode Baptism Information Management System listbaptism.php sql injection — Baptism Information Management SystemCWE-89 7.3 High2025-09-14
CVE-2025-10404 itsourcecode Baptism Information Management System rptbaptismal.php sql injection — Baptism Information Management SystemCWE-89 7.3 High2025-09-14
CVE-2025-10118 itsourcecode E-Logbook with Health Monitoring System for COVID-19 login.php sql injection — E-Logbook with Health Monitoring System for COVID-19CWE-89 7.3 High2025-09-09
CVE-2025-10113 itsourcecode Student Information Management System index.php sql injection — Student Information Management SystemCWE-89 7.3 High2025-09-09
CVE-2025-10112 itsourcecode Student Information Management System index.php sql injection — Student Information Management SystemCWE-89 7.3 High2025-09-08
CVE-2025-10111 itsourcecode Student Information Management System index.php sql injection — Student Information Management SystemCWE-89 7.3 High2025-09-08
CVE-2025-10068 itsourcecode Online Discussion Forum add_views.php sql injection — Online Discussion ForumCWE-89 7.3 High2025-09-07
CVE-2025-10067 itsourcecode POS Point of Sale System empty_table.php cross site scripting — POS Point of Sale SystemCWE-79 4.3 Medium2025-09-07
CVE-2025-10066 itsourcecode POS Point of Sale System dymanic_table.php cross site scripting — POS Point of Sale SystemCWE-79 4.3 Medium2025-09-07
CVE-2025-10065 itsourcecode POS Point of Sale System dom_data_th.php cross site scripting — POS Point of Sale SystemCWE-79 4.3 Medium2025-09-07
CVE-2025-10064 itsourcecode POS Point of Sale System dom_data_two_headers.php cross site scripting — POS Point of Sale SystemCWE-79 4.3 Medium2025-09-07
CVE-2025-10063 itsourcecode POS Point of Sale System deferred_table.php cross site scripting — POS Point of Sale SystemCWE-79 4.3 Medium2025-09-06
CVE-2025-10062 itsourcecode Student Information Management System login.php sql injection — Student Information Management SystemCWE-89 7.3 High2025-09-06
CVE-2025-10033 itsourcecode Online Discussion Forum admin sql injection — Online Discussion ForumCWE-89 7.3 High2025-09-06
CVE-2025-10029 itsourcecode POS Point of Sale System complex_header_2.php cross site scripting — POS Point of Sale SystemCWE-79 3.5 Low2025-09-06
CVE-2025-10028 itsourcecode POS Point of Sale System 6776.php cross site scripting — POS Point of Sale SystemCWE-79 3.5 Low2025-09-06
CVE-2025-10027 itsourcecode POS Point of Sale System 2512.php cross site scripting — POS Point of Sale SystemCWE-79 3.5 Low2025-09-05

This page lists every published CVE security advisory associated with itsourcecode. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.