CVE-2019-14754

Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter.
References
Link Resource
https://pastebin.com/xuZN5rJR Exploit Third Party Advisory
https://open-school.org Product Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:open-school:open-school:2.3:*:*:*:community:*:*:*
cpe:2.3:a:open-school:open-school:3.0:*:*:*:-:*:*:*

Information

Published : 2019-08-08 01:15

Updated : 2019-08-14 03:30


NVD link : CVE-2019-14754

Mitre link : CVE-2019-14754

Products Affected
No products.
CWE