CVE 9.8 CRITICAL

CVE-2026-36234_CVE-2026-36234

April 14, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter.

AI Analysis

SQL Injection vulnerability in newCourse.php via the 'coursename' parameter

Basic Information

ID CVE-2026-36234

Source mitre

Published Apr 10, 2026 at 00:00

Modified Apr 14, 2026 at 14:02

Affected Product

Vendor itsourcecode

Product itsourcecode Online Student Enrollment System

Version v1.0

Affected Versions n/a n/a n/a

CWE Classification

CWE-89

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor itsourcecode

Product Online Student Enrollment System

Version v1.0

References

github.com /Amorsec/CVE-PHP/blob/main/itsourcecode-Online_Student_Enrollment_System_in_newCourse.php_sql_injection.pdf

{
    "lastseen": "",
    "description": "itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter.",
    "published": "2026-04-10T00:00:00.000Z",
    "modified": "2026-04-14T14:02:19.446Z",
    "type": "cve",
    "title": "CVE-2026-36234",
    "source": "mitre",
    "references": "https://github.com/Amorsec/CVE-PHP/blob/main/itsourcecode-Online_Student_Enrollment_System_in_newCourse.php_sql_injection.pdf",
    "id": "CVE-2026-36234",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "itsourcecode Online Student Enrollment System",
    "version": "v1.0",
    "vendor": "itsourcecode",
    "ai_description": "SQL Injection vulnerability in newCourse.php via the 'coursename' parameter",
    "ai_severity": "Critical",
    "ai_vendor": "itsourcecode",
    "ai_product": "Online Student Enrollment System",
    "ai_version": "v1.0",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply