{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4632/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve-2026-4632"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA SQL Injection vulnerability, identified as CVE-2026-4632, has been discovered in itsourcecode Online Enrollment System version 1.0. The vulnerability resides within the Parameter Handler component of the application, specifically in the \u003ccode\u003e/sms/user/index.php?view=add\u003c/code\u003e file. By manipulating the \u003ccode\u003eName\u003c/code\u003e argument, a remote attacker can inject malicious SQL code, potentially leading to unauthorized data access, modification, or deletion. The existence of a publicly available exploit increases the…\u003c/p\u003e\n","date_modified":"2026-03-24T05:16:24Z","date_published":"2026-03-24T05:16:24Z","id":"/briefs/2026-03-online-enrollment-sqli/","summary":"CVE-2026-4632 is a SQL Injection vulnerability in itsourcecode Online Enrollment System 1.0, specifically affecting the Parameter Handler component at '/sms/user/index.php?view=add', allowing a remote attacker to inject malicious SQL code by manipulating the 'Name' argument, with a public exploit available.","title":"SQL Injection Vulnerability in itsourcecode Online Enrollment System 1.0 (CVE-2026-4632)","url":"https://feed.craftedsignal.io/briefs/2026-03-online-enrollment-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-4632","version":"https://jsonfeed.org/version/1.1"}