Security Advisory

CVE-2026-36232

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-10 00:00:00

Last updated 2026-04-14 14:14:30

Assigner mitre

State PUBLISHED

Description

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the classId parameter from $_GET[classId] is directly concatenated into the SQL query without any sanitization or validation.

← Browse all CVEs View on cve.org ↗