NVD CRITICAL: CVE-2026-36232 — A SQL injection vulnerability was found in the instructorClasses.php file of its...

Friday, April 10, 2026 at 03:16 PM UTC·Source: NIST NVD

Updated: Friday, April 24, 2026 at 06:06 PM UTC

Executive Summary

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $_GET['classId'] is directly concatenated into the SQL query without any sanitization or validation.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-36232

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Apr 10, 2026. Verified by: NIST.

Related Threats

MEDIUMAi

White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology

A White House official said the administration is engaging with advanced AI labs about their models and the security of software. The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology appeared first on SecurityWeek .

Apr 17, 2026SecurityWeek

MEDIUMAi

Anthropic’s Dario Amodei heads to White House amid hacking fears over Mythos

Ian Duncan and Cat Zakrzewski report: Anthropic chief executive Dario Amodei is set to meet White House Chief of Staff Susie Wiles on Friday, according to a person briefed on the plan, as the federal government races to understand the national security implications of a powerful new artificial intelligence model the company says it has... Source

Apr 17, 2026DataBreaches.net

LOWAi

Moody’s agentic workflows land on AWS Marketplace

Moody’s Corporation (NYSE: MCO) today announced that its Moody’s Agentic Solutions (MAS) workflows are now available in AWS Marketplace.

Apr 17, 2026Finextra