12 matches found
CVE-2026-36235
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
EUVD-2026-21391
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
EUVD-2026-21374
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
CVE-2026-36235
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
CVE-2026-36233
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
CVE-2026-36233
A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...
itsourcecode Online Student Enrollment System 安全漏洞
itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability arises from the subjcode parameter in the...
CVE-2026-36233
CVE-2026-36233 concerns a SQL injection in the itsourcecode Online Student Enrollment System v1.0 , specifically in the file assignInstructorSubjects.php . The issue arises because the vulnerable parameter subjcode is used directly in SQL queries without proper cleaning/validation, enabling attac...
PT-2026-31924
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...
CVE-2026-36235
CVE-2026-36235 describes a severe SQL injection in the itsourcecode Online Student Enrollment System v1.0. The issue is in the scheduleSubList.php file where the subjcode parameter is directly embedded into the SQL query via string interpolation without sanitization or validation. The vulnerabili...
CVE-2024-5391
A vulnerability has been found in itsourcecode Online Student Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file listofsubject.php. The manipulation of the argument subjcode leads to sql injection. The attack can be launched...
UF FE office platform /fenc/ncsubjass. jsp parameters subjcode SQL injection vulnerability
No description provided by source...