SQL Injection Vulnerability in itsourcecode Online Enrollment System 1.0 (CVE-2026-4632)
CVE-2026-4632 is a SQL Injection vulnerability in itsourcecode Online Enrollment System 1.0, specifically affecting the Parameter Handler component at '/sms/user/index.php?view=add', allowing a remote attacker to inject malicious SQL code by manipulating the 'Name' argument, with a public exploit available.
A SQL Injection vulnerability, identified as CVE-2026-4632, has been discovered in itsourcecode Online Enrollment System version 1.0. The vulnerability resides within the Parameter Handler component of the application, specifically in the /sms/user/index.php?view=add file. By manipulating the Name argument, a remote attacker can inject malicious SQL code, potentially leading to unauthorized data access, modification, or deletion. The existence of a publicly available exploit increases the…
Detection coverage 2
Detect SQL Injection Attempts in Online Enrollment System
highDetects potential SQL injection attempts targeting the /sms/user/index.php endpoint in itsourcecode Online Enrollment System.
Detect SQL Injection Attempts in Online Enrollment System (POST)
highDetects potential SQL injection attempts targeting the /sms/user/index.php endpoint in itsourcecode Online Enrollment System using POST method.
Detection queries are kept inside the platform. Get full rules →