Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action.
References
Link | Resource |
---|---|
https://www.exploit-db.com/exploits/43070/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-10-31 07:29
Updated : 2017-11-17 16:22
NVD link : CVE-2017-15989
Mitre link : CVE-2017-15989
CVE.ORG link : CVE-2017-15989
JSON object : View
Products Affected
online_exam_test_application_project
- online_exam_test_application
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')