CVE-2026-36235
CVE-2026-36235 describes a severe SQL injection in the itsourcecode Online Student Enrollment System v1.0. The issue is in the scheduleSubList.php file where the subjcode parameter is directly embedded into the SQL query via string interpolation without sanitization or validation. The vulnerabili...