CVE-2024-7871
Huachu Easytest Online Learning Test Platform - SQL Injection
SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Huachu Digital Technology Ltd. · Easytest Online Test PlatformWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://zuso.ai/advisory/za-2024-04