Is there a public PoC exploit available for CVE-2026-7075?

Yes, a public proof-of-concept exploit is available for CVE-2026-7075. Prioritise patching immediately. EPSS: 0.0%.

itsourcecode Construction Management System CVE-2026-7075

Q: What is the CVSS score of CVE-2026-7075?

CVE-2026-7075 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-25753 MEDIUM

SQL Injection (CWE-89)

2026-04-27 VulDB

PHP SQLi

5.5

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

CVSS changed

Apr 29, 2026 - 01:12 NVD

6.9 (MEDIUM) 5.5 (MEDIUM)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

Analysis Generated

Apr 27, 2026 - 02:30 vuln.today

Severity Changed

Apr 27, 2026 - 02:22 NVD

HIGH MEDIUM

CVSS changed

Apr 27, 2026 - 02:22 NVD

7.3 (HIGH) 6.9 (MEDIUM)

EUVD ID Assigned

Apr 27, 2026 - 02:15 euvd

EUVD-2026-25753

Analysis Generated

Apr 27, 2026 - 02:15 vuln.today

CVE Published

Apr 27, 2026 - 01:30 nvd

MEDIUM 5.5

DescriptionNVD

A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

AnalysisAI

SQL injection in itsourcecode Construction Management System 1.0 allows remote unauthenticated attackers to manipulate the address parameter in /locations.php, enabling arbitrary database queries with confidentiality and integrity impact. Publicly available exploit code exists, increasing real-world risk despite the moderate CVSS score of 6.9.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-7075 vulnerability details – vuln.today

Back

itsourcecode Construction Management System CVE-2026-7075

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

itsourcecode Construction Management System CVE-2026-7075

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code