PT-2026-4933 · Unknown · Testa Online Test Management System

Published

2026-01-27

Updated

2026-02-23

CVE-2021-47902

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Testa Online Test Management System version 3.4.7

Description The software contains a SQL injection issue. Attackers can manipulate database queries through the q search parameter. By injecting malicious SQL code into the search field, attackers may be able to extract database information, potentially accessing sensitive user or system data.

Recommendations Apply input validation and sanitization to the q search parameter to prevent the injection of malicious SQL code.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-47902

Affected Products

Testa Online Test Management System

PT-2026-4933 · Unknown · Testa Online Test Management System

CVE-2021-47902

Weakness Enumeration

Related Identifiers

Affected Products

References · 7