CVE-2017-16561

2017-11-0722:00:00

mitre

www.cve.org

AI Score

9.8

Confidence

High

EPSS

0.004

Percentile

74.6%

JSON

/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the ‘friend_index’ parameter of a GET request.

References

www.exploit-db.com/exploits/43108/