2026-04-10 00:00:00
mitre
PUBLISHED
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the classId parameter from $_GET[classId] is directly concatenated into the SQL query without any sanitization or validation.