CVE-2026-5534: SQL Injection in Online Enrollment System 1.0
Plattform
php
Komponente
online-enrollment-system
CVE-2026-5534 represents a SQL Injection vulnerability discovered within the itsourcecode Online Enrollment System. This flaw allows attackers to inject malicious SQL code, potentially gaining unauthorized access to sensitive data and compromising the system's integrity. The vulnerability specifically impacts versions 1.0.0 through 1.0 and resides within the Parameter Handler component, accessible via the /sms/user/index.php?view=edit&id=10 file. A fix is currently unavailable.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-5534?
CVE-2026-5534 is a SQL Injection vulnerability affecting the itsourcecode Online Enrollment System. It allows attackers to inject malicious SQL code through the USERID parameter in the /sms/user/index.php?view=edit&id=10 endpoint, potentially leading to data breaches.
Am I affected by CVE-2026-5534?
You are potentially affected if you are using itsourcecode Online Enrollment System version 1.0.0 through 1.0 and have not applied a patch. The vulnerability is remotely exploitable.
How can I fix or mitigate CVE-2026-5534?
Currently, no official patch is available for CVE-2026-5534. Mitigation strategies may include input validation, parameterized queries, and restricting access to the vulnerable endpoint until a patch is released.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten