97 matches found
CVE-2026-36232
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
CVE-2026-36233
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
CVE-2026-36234
itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...
EUVD-2026-21391
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
EUVD-2026-21373
itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...
EUVD-2026-21390
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
CVE-2026-36234
itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...
CVE-2026-36233
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
itsourcecode Online Student Enrollment System 安全漏洞
itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability stems from the subjcode parameter in the scheduleSubList.php...
CVE-2026-36234
CVE-2026-36234 affects the itsourcecode Online Student Enrollment System v1.0. The vulnerability is a SQL Injection in the file newCourse.php via the 'coursename' parameter, caused by unvalidated input leading to unauthorized database access. CVSSv3.1 metrics indicate a critical impact (C:H, I:H,...
CVE-2026-36234
itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...
PT-2026-31930
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
CVE-2026-36235
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
CVE-2026-36235
CVE-2026-36235 describes a severe SQL injection in the itsourcecode Online Student Enrollment System v1.0. The issue is in the scheduleSubList.php file where the subjcode parameter is directly embedded into the SQL query via string interpolation without sanitization or validation. The vulnerabili...
PT-2026-31923
itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...
CVE-2026-36235
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
itsourcecode Online Student Enrollment System 安全漏洞
itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability arises from the classId parameter in the instructorClasses.php...
PT-2026-31929
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $ GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
CVE-2026-5534
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. The...
EUVD-2026-19018
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...