Arox School ERP Pro SQL注入漏洞

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of School ERP Pro has a SQL injection vulnerability. This vulnerability stems from the esmessagesid parameter, which allows attackers to inject custom SQL statements through GET requests. As ...

PT-2026-5839

Name of the Vulnerable Software and Affected Versions School ERP Pro version 1.0 Description School ERP Pro version 1.0 contains a SQL injection issue in the es messagesid parameter. Attackers can manipulate database queries through GET requests by injecting crafted SQL statements. This could all...