CVE-2026-36952
SQL Injection in Sourcecodester Thesis Archiving System v
Publication date: 2026-04-13
Last updated on: 2026-04-14
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sourcecodester | online_thesis_archiving_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the `id` parameter in the URL `/otas/admin/curriculum/manage_curriculum.php` for SQL injection. Specifically, sending crafted payloads via GET requests to this parameter can reveal if the system is vulnerable.
- Use a curl command to send a test payload such as: curl "http://<target>/otas/admin/curriculum/manage_curriculum.php?id=0' union select 1,2,database(),4,5,6,7--+"
- Observe the response for database information or SQL errors indicating injection.
- Alternatively, use web vulnerability scanners that support SQL injection detection targeting the `id` parameter in the specified URL.
Can you explain this vulnerability to me?
CVE-2026-36952 is an SQL injection vulnerability found in the Online Thesis Archiving System v1.0 by Sourcecodester. It exists in the file /otas/admin/curriculum/manage_curriculum.php, specifically in the handling of the 'id' parameter via a GET request.
Because the 'id' parameter is not properly sanitized, an attacker can inject malicious SQL code. For example, by sending a crafted payload like '?id=0' union select 1,2,database(),4,5,6,7--+', the attacker can execute arbitrary SQL commands, such as extracting the current database name.
This vulnerability allows unauthorized access to sensitive data stored in the backend database and may enable further manipulation of the database.
How can this vulnerability impact me? :
This SQL injection vulnerability can lead to unauthorized disclosure of sensitive data from the backend database of the Online Thesis Archiving System.
An attacker exploiting this flaw could extract confidential information, such as database contents, and potentially manipulate or corrupt the data.
Such unauthorized access and data manipulation can compromise the integrity, confidentiality, and availability of the system and its stored information.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include sanitizing and validating the `id` parameter in `/otas/admin/curriculum/manage_curriculum.php` to prevent SQL injection.
- Implement prepared statements or parameterized queries in the PHP code to handle the `id` parameter safely.
- Apply input validation to ensure only expected numeric values are accepted for the `id` parameter.
- Restrict direct access to the vulnerable script if possible until a patch or fix is applied.
- Monitor logs for suspicious requests containing SQL injection payloads.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in the Online Thesis Archiving System v1.0 allows unauthorized data disclosure and potential database manipulation. Such unauthorized access to sensitive data can lead to violations of data protection regulations like GDPR and HIPAA, which mandate strict controls over personal and sensitive information to prevent data breaches.
Because the vulnerability enables attackers to extract database information without authorization, it compromises the confidentiality and integrity of stored data, thereby negatively impacting compliance with standards that require safeguarding personal data.