SQL Injection Vulnerability in Penta Digital Campus System folder Parameter
Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /BG/Mail/UMessageView.aspx page of Pangda Digital Campus System. The lack of filtering of the 'folder' parameter allows an attacker to exploit the vulnerability to obtain...