CVE-2026-2161 – itsourcecode Directory Management System forget-password.php sql injection

CVE ID : CVE-2026-2161

Published : Feb. 8, 2026, 4:15 p.m. | 1 hour, 3 minutes ago

Description : A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/forget-password.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…