CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

133 matches found

RedhatCVE•added 2026/04/14 7:23 p.m.•1 views

CVE-2026-36235

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

9.8CVSS5.8AI score0.00047EPSS

Exploits1References1

NVD•added 2026/04/10 3:16 p.m.•1 views

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

9.8CVSS0.00047EPSS

Exploits1References1

Vulnrichment•added 2026/04/10 12:0 a.m.•1 views

CVE-2026-36232

5.8AI score0.00047EPSS

Exploits1References1

Cvelist•added 2026/04/10 12:0 a.m.•20 views

CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

0.0005EPSS

Exploits1References1

Vulnrichment•added 2026/04/10 12:0 a.m.•0 views

CVE-2026-36233

5.9AI score0.0005EPSS

Exploits1References1

Positive Technologies•added 2026/04/10 12:0 a.m.•0 views

PT-2026-31924

5.8AI score0.00047EPSS

Exploits1References2

Cvelist•added 2026/04/10 12:0 a.m.•25 views

CVE-2026-36232

0.00047EPSS

Exploits1References1

CVE•added 2026/04/10 12:0 a.m.•4 views

CVE-2026-36233

The vulnerability CVE-2026-36233 affects the itsourcecode Online Student Enrollment System v1.0. A SQL injection exists in assignInstructorSubjects.php where the parameter subjcode can be injected and used directly in SQL queries without proper cleaning/validation. This could allow an attacker to...

9.8CVSS5.9AI score0.0005EPSS

Exploits1References1Affected Software1

RedhatCVE•added 2025/12/13 11:7 p.m.•2 views

CVE-2025-14582

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing a manipulation of the argument userphoto results in unrestricted upload. The attack can be initiated remotely. The exploit is...

7.2CVSS4.9AI score0.0003EPSS

Exploits1References1

RedhatCVE•added 2025/12/13 11:7 p.m.•2 views

CVE-2025-14583

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be...

9.8CVSS7AI score0.00023EPSS

Exploits1References1

EUVD•added 2025/12/13 12:30 a.m.•2 views

EUVD-2025-203180

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing manipulation of the argument userphoto results in unrestricted upload. The attack can be initiated remotely. The exploit is n...

5.8CVSS6.4AI score0.0003EPSS

Exploits1References6

NVD•added 2025/12/12 10:15 p.m.•2 views

CVE-2025-14583

9.8CVSS0.00023EPSS

Exploits1References5