eClass SQL injection vulnerability
Last Update Date:
11 Mar 2014 14:27
Release Date:
11 Mar 2014
3640
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
![TYPE: Internet App Servers](/f/bulletin_type/100014/37p37/servers-internet-app-servers.png)
A SQL injection vulnerability has been identified in eClass IP (for secondary schools) and eClass Junior (for primary schools), which can be exploited to extract information from the database.
Impact
- Information Disclosure
System / Technologies affected
- Versions prior to ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version ip.2.5.5.3.1 (eClass IP) or ej.5.0.4.3.1 (eClass Junior)
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with