CVE-2024-5392

The CVE-2024-5392 entry concerns itsourcecode Online Student Enrollment System 1.0, where the file editSubject.php is affected. An attacker can manipulate the id parameter to trigger a SQL injection, allowing potentially unauthorized access to or modification of backend data. Multiple connected s...

CVE-2024-5394

Affected software: itsourcecode Online Student Enrollment System 1.0. The vulnerability is a SQL injection in the file newDept.php where the deptname parameter is manipulated. Root cause: unsafely handling user input leading to injection in backend SQL queries. Impact: allows remote attacker to v...

CVE-2024-5390

CVE-2024-5390 concerns the Online Student Enrollment System 1.0. The vulnerability exists in an unknown function within listofstudent.php, where manipulating the lname argument enables SQL injection. This can be exploited remotely, and public disclosures have occurred (VDB-266304). The connected ...

CVE-2024-5393

CVE-2024-5393 affects the itsourcecode Online Student Enrollment System 1.0. A SQL injection vulnerability exists in the file listofcourse.php where altering the parameter idno enables remote exploitation. Exploitation is publicly disclosed. The vulnerability impacts confidentiality, integrity, a...

CVE-2024-5391

The CVE-2024-5391 entry concerns the itsourcecode Online Student Enrollment System 1.0. The vulnerability affects the file listofsubject.php, where manipulating the subjcode parameter enables an SQL injection. This is a network-exposed issue with low privileges required and no user interaction, a...

CVE-2024-5395

Affects itsourcecode Online Student Enrollment System 1.0. The vulnerability resides in processing the file listofinstructor.php, where manipulating the FullName parameter leads to SQL injection. The issue can be exploited remotely and has been disclosed publicly. Reported impact and exploitation...

CVE-2024-5396

The CVE-2024-5396 entry concerns itsourcecode Online Student Enrollment System 1.0, with a SQL injection in the file newfaculty.php. The vulnerability arises from manipulation of the name parameter, enabling remote exploitation. Multiple connected records corroborate this issue across CVE databas...

CVE-2024-5397

CVE-2024-5397 affects itsourcecode Online Student Enrollment System 1.0. The vulnerability resides in instructorSubjects.php where the attacker can manipulate the instructorId parameter to perform SQL injection. It is a remote vulnerability with publicly disclosed exploit information, indicating ...

CVE-2026-36235

CVE-2026-36235 describes a severe SQL injection in the itsourcecode Online Student Enrollment System v1.0. The issue is in the scheduleSubList.php file where the subjcode parameter is directly embedded into the SQL query via string interpolation without sanitization or validation. The vulnerabili...

CVE-2026-36232

Summary: CVE-2026-36232 affects the itsourcecode Online Student Enrollment System v1.0, via the file instructorClasses.php . The issue arises because the parameter classId from $_GET['classId'] is directly concatenated into an SQL query without sanitization or validation, enabling SQL injection. ...

CVE-2026-36233

CVE-2026-36233 concerns a SQL injection in the itsourcecode Online Student Enrollment System v1.0 , specifically in the file assignInstructorSubjects.php . The issue arises because the vulnerable parameter subjcode is used directly in SQL queries without proper cleaning/validation, enabling attac...

CVE-2026-36234

CVE-2026-36234 affects the itsourcecode Online Student Enrollment System v1.0. The vulnerability is a SQL Injection in the file newCourse.php via the 'coursename' parameter, caused by unvalidated input leading to unauthorized database access. CVSSv3.1 metrics indicate a critical impact (C:H, I:H,...