A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /add_drive.php. The manipulation of the argument drive_title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

TeamT5 Blog

TeamT5 was established in 2017 by 5 security professionals who firmly believe that Taiwan has world-class security talents. TeamT5 consists of world-class cyber threat analysts with more than 20-year experience. Leveraging our geographic and cultural advantages, we have the best understanding of cyber attackers in Asia Pacific. Based on our research in malware & Advanced Persistent Threat (APT), we provide cyber threat intelligence reports and anti-ransomware solutions to clients in the USA, Japan, and Taiwan. Clients include government agencies, financial business, telecom operators, high-tech enterprises, electronic manufacturing service companies, and managed security service providers(MSSP).