i-Educar SQL注入漏洞
i-Educar is a free educational software from Portábilis Open Source. A SQL injection vulnerability exists in i-Educar version 2.10 and earlier, which stems from incorrect manipulation of the parameter IDs in the file /module/ComponenteCurricular/view, which could lead to a SQL injection attack...