eClass SQL injection vulnerability
Last Update Date:
11 Mar 2014 14:27
Release Date:
11 Mar 2014
4364
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
A SQL injection vulnerability has been identified in eClass IP (for secondary schools) and eClass Junior (for primary schools), which can be exploited to extract information from the database.
Impact
- Information Disclosure
System / Technologies affected
- Versions prior to ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with