SQL Injection Vulnerability in itsourcecode Tailoring Management System by itsourcecode
CVE-2025-0944
Key Information:
- Vendor
Itsourcecode
- Vendor
- CVE Published:
- 1 February 2025
Badges
What is CVE-2025-0944?
A security flaw has been identified in the itsourcecode Tailoring Management System version 1.0, specifically impacting the handling of the 'id' parameter within the customerview.php file. This vulnerability allows for SQL injection attacks, enabling an attacker to execute arbitrary SQL code on the database. The manipulation of the input could allow attackers to gain unauthorized access to sensitive data or potentially compromise the entire system. This issue is publicly disclosed, making it critical for affected users to take immediate action to mitigate any risks.
Affected Version(s)
Tailoring Management System 1.0
News Articles

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
Chinese threat actor UAT-6382 exploited CVE-2025-0944 in Trimble Cityworks to drop malware on U.S. systems.
2 weeks ago
References
CVSS V4
Timeline
- 💰
Used in Ransomware
- 📰
First article discovered by The Hacker News
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved