AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-36232: A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment Syst

infovulnerability

security

Source: NVD/CVE DatabaseApril 10, 2026CVE-2026-36232

Summary

A SQL injection vulnerability (a type of attack where malicious SQL code is inserted through user input) was discovered in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The vulnerability occurs because the 'classId' parameter from user input is directly added into a SQL query without being cleaned or checked first, allowing attackers to manipulate database queries.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

April 10, 2026

Classification

Attack SophisticationTrivial

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-36232

First tracked: April 10, 2026 at 02:07 PM

Classified by LLM (prompt v3) · confidence: 95%