7 matches found
CVE-2020-37089
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'esmessagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete databas...
CVE-2020-37089
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'esmessagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete databas...
CVE-2020-37089 School ERP Pro 1.0 - 'es_messagesid' SQL Injection
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'esmessagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete databas...
CVE-2020-37089
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'esmessagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete databas...
CVE-2020-37089
CVE-2020-37089 concerns School ERP Pro 1.0 with a SQL injection in the es_messagesid parameter. The vulnerability can be exploited by sending crafted SQL via GET requests , potentially allowing attackers to extract, modify, or delete data . Root cause: improper handling of user-controlled input i...
CVE-2020-37089 School ERP Pro 1.0 - 'es_messagesid' SQL Injection
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'esmessagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete databas...
School ERP Pro 1.0 - (es_messagesid) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: School ERP Pro 1.0 - 'esmessagesid' SQL Injection Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail...