顏睿鵬

**Name of the Vulnerable Software and Affected Versions** e-School (affected versions not specified) **Description** The e-School system contains a missing authorization flaw. This allows remote attackers with regular privileges to access administrator functions, including creating, modifying, and deleting accounts. Attackers can also escalate any account to system administrator privilege. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Quanxun School Affairs System (affected versions not specified) Description: The issue allows unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrator credentials. This exposure of sensitive information can be exploited by attackers to gain unauthorized access to admin credentials and database info. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.