SQL Injection Vulnerability in Open Source Job Portal by Itsourcocode
CVE-2025-11090

5.3MEDIUM

Key Information:

Vendor: Itsourcecode
Status: Open Source Job Portal
Vendor: CVE Published:; 28 September 2025

🔔 Create Itsourcecode Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-11090?

A vulnerability exists in itsourcecode Open Source Job Portal 1.0, located in the admin panel's employee editing function. By manipulating the argument ID in the URL, an attacker could execute unauthorized SQL queries, potentially exposing sensitive data. This vulnerability can be exploited remotely, raising significant security concerns for users. As the exploit details are publicly accessible, immediate action is recommended to mitigate risks associated with this security risk.

Affected Version(s)

Open Source Job Portal 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-11090 - Proof of Concept