Lucene search
K

97 matches found

RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.13 views

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

9.8CVSS5.8AI score0.00319EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.9 views

CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

9.8CVSS5.9AI score0.00319EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.13 views

CVE-2026-36234

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...

9.8CVSS5.9AI score0.00319EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/10 3:31 p.m.3 views

EUVD-2026-21391

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

5.9AI score0.00319EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/10 3:31 p.m.5 views

EUVD-2026-21373

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...

5.9AI score0.00319EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/10 3:31 p.m.5 views

EUVD-2026-21390

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

5.8AI score0.00319EPSS
Exploits1References2
NVD
NVD
added 2026/04/10 3:16 p.m.4 views

CVE-2026-36234

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...

9.8CVSS0.00319EPSS
Exploits1References1
NVD
NVD
added 2026/04/10 3:16 p.m.3 views

CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

9.8CVSS0.00319EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

itsourcecode Online Student Enrollment System 安全漏洞

itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability stems from the subjcode parameter in the scheduleSubList.php...

9.8CVSS5.8AI score0.00319EPSS
Exploits1References2
CVE
CVE
added 2026/04/10 12:0 a.m.10 views

CVE-2026-36234

CVE-2026-36234 affects the itsourcecode Online Student Enrollment System v1.0. The vulnerability is a SQL Injection in the file newCourse.php via the 'coursename' parameter, caused by unvalidated input leading to unauthorized database access. CVSSv3.1 metrics indicate a critical impact (C:H, I:H,...

9.8CVSS5.9AI score0.00319EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/10 12:0 a.m.3 views

CVE-2026-36234

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...

5.9AI score0.00319EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.3 views

PT-2026-31930

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

5.9AI score0.00319EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/10 12:0 a.m.26 views

CVE-2026-36235

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

0.00319EPSS
Exploits1References1
CVE
CVE
added 2026/04/10 12:0 a.m.22 views

CVE-2026-36235

CVE-2026-36235 describes a severe SQL injection in the itsourcecode Online Student Enrollment System v1.0. The issue is in the scheduleSubList.php file where the subjcode parameter is directly embedded into the SQL query via string interpolation without sanitization or validation. The vulnerabili...

9.8CVSS5.8AI score0.00319EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31923

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter...

5.9AI score0.00319EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/10 12:0 a.m.2 views

CVE-2026-36235

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

5.8AI score0.00319EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

itsourcecode Online Student Enrollment System 安全漏洞

itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability arises from the classId parameter in the instructorClasses.php...

9.8CVSS5.8AI score0.00319EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.10 views

PT-2026-31929

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $ GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

5.8AI score0.00319EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.5 views

CVE-2026-5534

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/05 3:30 a.m.4 views

EUVD-2026-19018

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
Rows per page
Query Builder