CVE-2024-7871
Huachu Easytest Online Learning Test Platform - SQL Injection
SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Huachu Digital Technology Ltd. · Easytest Online Test Platform¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://zuso.ai/advisory/za-2024-04