TVN ID | TVN-202110005 |
---|---|
CVE ID | CVE-2021-42333 |
CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Affected Products | Huachu Digital Technology Co.,Ltd. Easytest ver.1705 |
Description | The Easytest online learning platform contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions. |
Solution | Update Easytest to version 2100 |
Credit | Eric Wang |
Public Date | 2021-10-15 |