The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of the Contact Manager web GUI. Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |