iroha Board 跨站请求伪造漏洞

iroha Board is an e-learning system from the Japanese company iroha. A cross-site request forgery vulnerability exists in iroha Board v0.10.12 and earlier versions, which stems from the presence of a cross-site request forgery vulnerability that could lead to the registration of arbitrary learnin...

Easytest SQL Injection Vulnerability (CNVD-2021-83597)

Easytest is an online learning quiz platform of China's Hua Ju Digital Technology, Inc. Easytest is vulnerable to SQL injection, which can be exploited by attackers to inject SQL commands into the parameters of the learning history page after gaining user privileges to access all databases and ga...

CVE-2021-42336

The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters...

CVE-2021-42336

The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters...

CVE-2021-42333

The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions...

Design/Logic Flaw

The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters...

CVE-2021-42333 Huachu Digital Technology Co.,Ltd. Easytest - SQL Injection-1

The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions...

Easytest SQL注入漏洞

Easytest is an online learning quiz platform of China's Hua Ju Digital Technology, Inc. Easytest is vulnerable to SQL injection, which can be exploited by attackers to inject SQL commands into the parameters of the learning history page after gaining user privileges to access all databases and ga...

PT-2021-23579 · Easytest · Easytest

Name of the Vulnerable Software and Affected Versions: Easytest affected versions not specified Description: The learning history page of the Easytest is vulnerable to permission bypass. After obtaining a user's permission, remote attackers can access other users' and administrator's account...