RSS   Vulnerabilities for 'Pisay online e-learning system'   RSS

2020-06-22
 
CVE-2020-14972

CWE-89
 

 
Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.

 


Copyright 2020, cxsecurity.com

 

Back to Top