Описание
A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /add_contestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.
Ссылки
- Product
- ExploitIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /add_contestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2