CVE-2020-12429

2020-04-28T20:15:00
ID CVE-2020-12429
Type cve
Reporter cve@mitre.org
Modified 2020-05-05T13:30:00

Description

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php.