2 matches found
SQL injection vulnerability in ask2 Q&A system backend (CNVD-2019-30155)
ASK2 Q&A is an open source PHP Q&A program. There is a SQL injection vulnerability in the backend of ask2 Q&A System, which can be exploited by attackers to obtain sensitive information about the database...
ask2 Q&A system front user.php file exists arbitrary user password change vulnerability
ask2 Q&A is an open source PHP Q&A program. There is an arbitrary user password change vulnerability in the ask2 Q&A System frontend user.php file. An attacker can exploit the vulnerability to directly modify the password of the administrator user...