PT-2019-9628 · Php · Open Faculty Evaluation System

Publicado

2019-06-19

Atualizado

2019-06-20

CVE-2018-18758

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Faculty Evaluation System 7 for PHP 7

Description The issue allows for SQL Injection in the submit feedback.php file.

Recommendations For Open Faculty Evaluation System 7 for PHP 7, update the submit feedback.php file to prevent SQL Injection attacks.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2018-18758

Open Faculty Evaluation System