go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

SysJust Syuan-Gu-Da-Shih SQL-injection

TVN ID TVN-201910013
CVE ID CVE-2020-3937
CVSS 8.1 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products Versions before 20191223
Description SQL Injection in SysJust Syuan-Gu-Da-Shih versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database.
Solution Fixed, update to version > 20191223
Credit N/A
Public Date 2020-02-04

Links

  1. CVE-2020-3937
  2. CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Domestic Stock Selection Syst
Top