SQL Injection Vulnerability in Campus Card System of Harbin Xinzhongxin Electronics Co.
Harbin Xinzhongxin Electronic Co., Ltd Campus Card System is a digital campus solution. A SQL injection vulnerability exists in the fjid parameter in the getfjnr.action file of the Harbin Xinzhongxin Electronic Co. campus one-card system, which allows an attacker to exploit the vulnerability to...