projectworlds Online Admission System adminlogin.php sql injection

A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some unknown processing of the file /adminlogin.php. The manipulation of the argument a_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Projectworlds Online Admission System 注入漏洞

Projectworlds Online Admission System是印度Projectworlds公司的一个在线录取系统。 Projectworlds Online Admission System 1.0版本存在注入漏洞，该漏洞源于对文件/adminlogin.php中参数a_id的错误操作导致SQL注入。

N/A

N/A