漏洞标题
源码代码ster 教师评估系统 SQL 注入
漏洞描述信息
源代码专家教师评估系统SQL注入
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
SourceCodester Faculty Evaluation System sql injection
漏洞描述信息
A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edit_user. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-230150 is the identifier assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
Faculty Evaluation System SQL注入漏洞
漏洞描述信息
Faculty Evaluation System是Carlo Montero个人开发者的一个教师评估系统。 SourceCodester Faculty Evaluation System 1.0版本存在SQL注入漏洞,该漏洞源于文件index.php?page=edit_user存在问题,攻击者利用该漏洞可以进行SQL注入攻击。
CVSS信息
N/A
漏洞类别
SQL注入