OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service.
CPE | Name | Operator | Version |
---|---|---|---|
oaklouds_portal | ge | 3.0 | |
oaklouds_portal | le | 3.0 | |
oaklouds_portal | ge | 2.0 | |
oaklouds_portal | le | 2.0 |