Vulnerability Description
A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=add. Such manipulation of the argument txtsearch/deptname/name leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/yuji0903/silver-guide/issues/10
- https://github.com/yuji0903/silver-guide/issues/12
- https://itsourcecode.com/
- https://vuldb.com/?ctiid.351159
- https://vuldb.com/?id.351159
- https://vuldb.com/?submit.771239
- https://vuldb.com/?submit.771241
- https://vuldb.com/?submit.771242
FAQ
What is CVE-2026-4236?
CVE-2026-4236 is a vulnerability with a CVSS score of 7.3 (HIGH). A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=add. Such manipulation of the argument t...
How severe is CVE-2026-4236?
CVE-2026-4236 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-4236?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.