Skip to main content

eClass SQL injection vulnerability

Last Update Date: 11 Mar 2014 14:27 Release Date: 11 Mar 2014 4364 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A SQL injection vulnerability has been identified in eClass IP (for secondary schools) and eClass Junior (for primary schools), which can be exploited to extract information from the database.


Impact

  • Information Disclosure

System / Technologies affected

  • Versions prior to ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)

Vulnerability Identifier

  • No CVE information is available

Source


Related Link