CRITICALAi
Verified
Global

NVD CRITICAL: CVE-2026-36235 — A SQL injection vulnerability was found in the scheduleSubList.php file of itsou...

·Source: NIST NVD

Updated:

Executive Summary

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation.

Analysis

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation. CVSS Score: 9.8. Published: 2026-04-10T15:16:25.077.

Indicators of Compromise (1)

CVE (1)
CVE-2026-36235
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Apr 10, 2026. Verified by: NIST.

Related Threats

MEDIUMAi

White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology

A White House official said the administration is engaging with advanced AI labs about their models and the security of software. The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology appeared first on SecurityWeek .

SecurityWeek
MEDIUMAi

Anthropic’s Dario Amodei heads to White House amid hacking fears over Mythos

Ian Duncan and Cat Zakrzewski report: Anthropic chief executive Dario Amodei is set to meet White House Chief of Staff Susie Wiles on Friday, according to a person briefed on the plan, as the federal government races to understand the national security implications of a powerful new artificial intelligence model the company says it has... Source

DataBreaches.net
LOWAi

Moody’s agentic workflows land on AWS Marketplace

Moody’s Corporation (NYSE: MCO) today announced that its Moody’s Agentic Solutions (MAS) workflows are now available in AWS Marketplace.

Finextra