Lucene search
PRIOn knowledge basePRION:CVE-2021-3262HistoryAug 29, 2023 - 8:15 p.m.
Sql injection
2023-08-2920:15:00
PRIOn knowledge base
www.prio-n.com
8
tripspark veo
novusedu
sql injection
unsafe data inputs
post body parameters
search queries
TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the “Student Busing Information” search queries.
| CPE | Name | Operator | Version |
|---|---|---|---|
| novusedu | eq | 2.2.0-xxpbb20201123184084 | |
| veo_transportation | eq | 2.2.0-xxpbb20201123184084-os |
Related
cvelist
cvelist
CVE-2021-3262
2023-08-29 00:00:00
cve
cve
CVE-2021-3262
2023-08-29 20:15:09
nvd
nvd
CVE-2021-3262
2023-08-29 20:15:09