CVE-2026-36952

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.

low 2.7 CVSS 3.1

Published: Apr 13, 2026

Modified: Apr 14, 2026

Description

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.

References

https://github.com/huliangjia/bug_report/blob/main/Sourcecodester/online-thesis-archiving-system/SQL-5.md