Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Avanset Visual CertExam Manager 多个SQL注入漏洞
Vulnerability Description
Visual CertExam Suite是Visual公司的一套专为准备各种认证考试而开发的测试引擎,可创建、编辑各种和实际考试十分相似的测试卷并进行解答练习。包括两个程序:Visual CertExam Designer用于创建、编辑专业的练习试卷;Visual CertExam Manager提供创建好的测试卷的呈现界面。 Avanset Visual CertExam Manager 3.3以及更早版本中存在多个SQL注入漏洞。远程攻击者可通过(1)标题、(2)文件名或(3)候选人名等字段利用该漏
CVSS Information
N/A
Vulnerability Type
N/A